Bugtraq mailing list archives
I have discovered small xss error in open webmail 2.41
From: s3cure () poczta fm
Date: 3 Sep 2005 16:07:03 -0000
Discovered by s3cure Risk: small When we are logged on account we see: http://site.site/cgi-bin/openwebmail/openwebmail-main.pl?sessionid=yourlogin*-session-0.274744641575129&action=listmessages_afterlogin Now we can do small xss: http://site.site/cgi-bin/openwebmail/openwebmail-main.pl?sessionid=yourlogin*-session-here xss&action=listmessages_afterlogin Ofcourse we can do a lots of other things but ... It's now your job.
Current thread:
- I have discovered small xss error in open webmail 2.41 s3cure (Sep 06)