CVE-2004-2379

Name of the Vulnerable Software and Affected Versions: @Mail version 3.64

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific attributes, including the Displayed Name attribute in util.pl and the Folder attribute in showmail.pl.

Recommendations: For @Mail version 3.64, consider disabling the util.pl and showmail.pl scripts until a patch is available to prevent exploitation of the XSS vulnerabilities via the Displayed Name and Folder attributes. Restrict access to these scripts to minimize the risk of arbitrary web script or HTML injection.