CVE-2010-4646

Name of the Vulnerable Software and Affected Versions Hastymail2 versions prior to 1.01

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element. This is related to the improper use of the htmLawed filter.

Recommendations For versions prior to 1.01, update to version 1.01 or later to resolve the issue. As a temporary workaround, consider restricting the use of the background attribute within TABLE elements to minimize the risk of exploitation.