CVE-2005-0314

Name of the Vulnerable Software and Affected Versions Magic Winmail Server version 4.0 Build 1112

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the personal information fields in the user.php file. This could potentially lead to unauthorized actions on the affected system.

Recommendations For Magic Winmail Server version 4.0 Build 1112, consider restricting access to the user.php file until a patch is available, and avoid using the personal information fields in a way that could allow arbitrary script injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.