MicroWorld Technologies MailScan Multiple Remote Vulnerabilities
MailScan is prone to multiple remote vulnerabilities:
- A directory-traversal vulnerability
- An authentication-bypass vulnerability
- A cross-site scripting vulnerability
- An information-disclosure vulnerability
An attacker can exploit these issues to obtain sensitive information, gain unauthorized access to the affected application, execute arbitrary script code within the context of the website, and steal cookie-based authentication credentials. Other attacks are also possible.
MailScan 5.6.a espatch1 is vulnerable; other versions may also be affected.