Multiple cross-site scripting (XSS) vulnerabilities in the Basic webmail module 6.x-1.x prior to 6.x-1.2 for Drupal allow remote malicious users to inject arbitrary web script or HTML via a (1) page title or (2) crafted email message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jason_flatt basic_webmail 6.x-1.x |
||
basic_webmail_project basic_webmail 6.x-1.1 |
||
jason_flatt basic_webmail 6.x-1.0 |