V-webmail Multiple Cross-Site Scripting Vulnerabilities

V-webmail Multiple Cross-Site Scripting Vulnerabilities

An exploit is not required.

The following example URI were provided to demonstrate these issues:

http://www.example.com/preferences.personal.php?newid=[code]

http://www.example.com/frameset.php?vwebmailsession=&rframe=[url]