jetlib.sec » Bugtraq » ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

Feeds

132963 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• January 13, 2012
• 

  ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

  Posted: January 13th, 2012, 9:55am PST

  Tags:   

  Posted by Henri Salo on Jan 13

  ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)
  References: CVE-2012-0389
  Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah
  Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
  Vendor contact: 2012-01-04 09:49:36 UTC
  Vendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)
  Vendor fix and announcement: 2012-01-10 00:50:31 UTC
  
  Vulnerability description:
  
  MailEnable...