Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netwin surgemail 6.0 |