Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

IlohaMail Email Message Cross-Site Scripting Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for email message cross-site scripting vulnerabilities in IlohaMail

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that is subject to
cross-site scripting attacks.

Description :

Based on its version number, the installation of IlohaMail on the
remote host does not properly sanitize attachment file names, MIME
media types, and HTML / text e-mail messages. A possible hacker can exploit
these vulnerabilities by sending a specially-crafted message to a user
which, when read using an affected version of IlohaMail, will allow
him to execute arbitrary HTML and script code in the user's browser
within the context of the affected web site.

See also :

Solution :

Upgrade to IlohaMail version 0.8.14-rc3 or newer.

Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.