Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-03/0004.html | Exploit Vendor Advisory |
http://the.cushman.net/projects/aeromail/download/aeromail-1.45.tar.gz | |
http://www.iss.net/security_center/static/8346.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/4215 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-11T04:00:00
Updated: 2002-06-15T09:00:00
Reserved: 2002-06-07T00:00:00
Link: CVE-2002-0411
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-08-12T04:00:00.000
Modified: 2008-09-05T20:27:57.260
Link: CVE-2002-0411
JSON object: View
Redhat Information
No data.
CWE