Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) retid parameter in badlogin.php, (2) Content-Type headers in HTML mails, and (3) HTML mail attachments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
amax information technologies magic winmail server 4.2 |