Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

Open WebMail Content-Type XSS Vulnerability Scan

Vulnerability Scan Summary
Checks for Content-Type XSS flaw in Open WebMail

Detailed Explanation for this Vulnerability Test

The target is running at least one instance of Open WebMail whose
version is 2.32 or earlier. Such versions are vulnerable to a cross
site scripting attack whereby a possible hacker can cause a victim to
unknowingly run arbitrary Javascript code by reading a MIME message
with a specially crafted Content-Type or Content-Description header.
For further information, see :

***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number of Open WebMail
***** installed there.

Solution : Upgrade to Open WebMail version 2.32 20040603 or later.

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.