CVE-2008-0872

EPSS 1.7%

Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/31240unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://es.geocities.com/jplopezy/SmarterMailXSS.txt http://secunia.com/advisories/29024 http://securityreason.com/securityalert/3686 http://www.securityfocus.com/archive/1/488313/100/0/threaded http://www.securityfocus.com/bid/27878 http://www.securitytracker.com/id?1019461