9 lines
No EOL
468 B
Text
9 lines
No EOL
468 B
Text
source: http://www.securityfocus.com/bid/14676/info
|
|
|
|
SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser.
|
|
|
|
This may allow for various attacks including session hijacking due to the theft of user credentials.
|
|
|
|
SqWebMail 5.0.4 is reportedly vulnerable to this issue. It is possible that other versions are affected as well.
|
|
|
|
<img src="cid:>" onError="alert(document.domain);"> |