Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message.
References 6 Total
- securityfocus.com: 20080219 SmarterMail Enterprise 4.3 - malformed mail XSS mailing-list
- securitytracker.com: 1019461 vdb-entry
- securityfocus.com: 27878 vdb-entry
- securityreason.com: 3686 third-party-advisory
- secunia.com: 29024 third-party-advisory
- http://es.geocities.com/jplopezy/SmarterMailXSS.txt
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- securityfocus.com: 20080219 SmarterMail Enterprise 4.3 - malformed mail XSS mailing-listx_transferred
- securitytracker.com: 1019461 vdb-entryx_transferred
- securityfocus.com: 27878 vdb-entryx_transferred
- securityreason.com: 3686 third-party-advisoryx_transferred
- secunia.com: 29024 third-party-advisoryx_transferred
- http://es.geocities.com/jplopezy/SmarterMailXSS.txt x_transferred