Rudi Benkovic JAWMail Script Injection Vulnerability

Problems with JAWMail could make it possible to execute arbitrary script code in a vulnerable client.

JAWMail does not sufficiently filter malicious HTML code from e-mails. As a result, when a user opens an email in JAWMail that contains malicious HTML code, the code contained in the mail would be executed in the browser of the mail user.


 

Privacy Statement
Copyright 2010, SecurityFocus