Family: CGI abuses : XSS --> Category: attack
Open WebMail Logindomain Parameter Cross-Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for logindomain parameter cross-site scripting vulnerability in Open WebMail
Detailed Explanation for this Vulnerability Test
The remote webmail server is affected by a cross-site scripting flaw.
The remote host is running at least one instance of Open WebMail that
fails to sufficiently validate user input supplied to the 'logindomain'
parameter. This failure enables a possible hacker to run arbitrary script
code in the context of a user's web browser.
See also :
Upgrade to Open WebMail version 2.50 20040212 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.