Icewarp mail server 11.0.0.0 crosssite scripting Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2014-02-17 |
Type : webapps |
Platform : php
This exploit / vulnerability Icewarp mail server 11.0.0.0 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
Disclaimer:
[This code is for Educational Purposes , I would Not be responsible
for any misuse of this code]
Attack type : Remote
Patch Status : Unpatched
Exploitation :
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# Twitter : http://twitter.com/emuess
# Original Advisory DATE: [29/01/2014]
# Publishing of Exploit Date : [17/02/2014]
Description
===========
It is possible to inject malicious HTML Elements into the email and
cause a Cross site Scripting (XSS) payload to be executed.