Published: 21/12/2013 Updated: 29/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the body of an email.


#!/usr/bin/env python ''' Exploit Title: Ability Mail Server 2013 Stored XSS Date: 12/20/2013 Exploit Author: David Um Vendor Homepage: wwwcode-crafterscom/ Software Link: downloadcode-crafterscom/amsexe Version: 311 Tested on: Windows Server 2003 SP2 CVE : CVE-2013-6162 Description: This proof of concept demonstrates a stored ...