CVE-2006-0536

Name of the Vulnerable Software and Affected Versions NeoMail version 1.27

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. The sort parameter is vulnerable to this issue, although some sources suggest the date parameter might also be affected.

Recommendations For NeoMail version 1.27, avoid using the sort parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the sort parameter to minimize the risk of exploitation.