Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote malicious users to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atmail atmail open 1.04 |