Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mhonarc | Mhonarc | 2.4.4 (including) | 2.4.4 (including) |
| Mhonarc | Mhonarc | 2.5.2 (including) | 2.5.2 (including) |
| Mhonarc | Mhonarc | 2.5.12 (including) | 2.5.12 (including) |
References
- http://www.debian.org/security/2002/dsa-199
- http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users\u0026i=200210211713.g9LHDXE02256%40mcguire.earlhood.com
- http://www.osvdb.org/7353
- http://www.securityfocus.com/bid/6204
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10666
- http://www.debian.org/security/2002/dsa-199
- http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users\u0026i=200210211713.g9LHDXE02256%40mcguire.earlhood.com
- http://www.osvdb.org/7353
- http://www.securityfocus.com/bid/6204
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10666