PT-2003-1181 · Kerio · Kerio Mailserver

Published

2003-03-18

Updated

2008-09-05

CVE-2002-1434

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Kerio MailServer version 5.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the Web mail module. These vulnerabilities allow remote attackers to execute HTML script as other users via certain URLs.

Recommendations For Kerio MailServer version 5.0, update to a version that includes a fix for this issue to prevent remote attackers from executing HTML script as other users.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1434

Affected Products

Kerio Mailserver

PT-2003-1181 · Kerio · Kerio Mailserver

CVE-2002-1434

Related Identifiers

Affected Products

References · 5