Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 prior to 5.2hf2.02, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun iplanet_messaging_server 5.2 |
||
sun one_messaging_server 6.1 |