Family: CGI abuses : XSS --> Category: infos
Open WebMail Content-Type XSS Vulnerability Scan
Vulnerability Scan Summary
Checks for Content-Type XSS flaw in Open WebMail
Detailed Explanation for this Vulnerability Test
The target is running at least one instance of Open WebMail whose
version is 2.32 or earlier. Such versions are vulnerable to a cross
site scripting attack whereby a possible hacker can cause a victim to
with a specially crafted Content-Type or Content-Description header.
For further information, see :
***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number of Open WebMail
***** installed there.
Solution : Upgrade to Open WebMail version 2.32 20040603 or later.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.