Summary
This host is installed with OpenWebMail and is prone to multiple cross-sites scripting vulnerabilities.
Impact
Successful exploitation will allow remote attackers to inject arbitrary web script or HTML via unknown vectors and conduct cross-sites attacks.
Impact Level: Application
Solution
Upgrade to version 2.53 or later.
http://openwebmail.org/
Insight
The vulnerability is caused because the application does not sanitise the user supplied data.
Affected
OpenWebMail versions prior to 2.53
References
Severity
Classification
-
CVE CVE-2008-7202 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Apache Tomcat TroubleShooter Servlet Installed