Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
afterlogic webmail pro |
||
afterlogic webmail pro 4.5 |