Family: CGI abuses : XSS --> Category: infos
SurgeMail <= 3.0c2 Multiple Cross-Site Scripting Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in SurgeMail <= 3.0c2
Detailed Explanation for this Vulnerability Test
The remote mail server is vulnerable to multiple cross-site scripting
According to its banner, the remote host is running SurgeMail version
3.0c2 or earlier. These versions reportedly are prone to multiple
cross-site scripting issues, which a possible hacker could exploit to inject
arbitrary HTML and script code into a user's browser to be processed
within the context of the affected website.
See also :
Upgrade to SurgeMail 3.2e1 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.