SmarterTools SmarterMail Cross-Site Scripting Vulnerability
BID:12405
Info
SmarterTools SmarterMail Cross-Site Scripting Vulnerability
| Bugtraq ID: | 12405 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 31 2005 12:00AM |
| Updated: | Jan 31 2005 12:00AM |
| Credit: | This vulnerability was announced by the vendor. |
| Vulnerable: |
SmarterTools SmarterMail 2.0 .1733 |
| Not Vulnerable: |
SmarterTools SmarterMail 2.0 .1837 |
Discussion
SmarterTools SmarterMail Cross-Site Scripting Vulnerability
SmarterTools SmarterMail is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.
The vendor has reportedly addressed this issue in SmarterMail 2.0.1837.
Smartermail version 2.0.1733 is reportedly affected; earlier versions may also be vulnerable.
SmarterTools SmarterMail is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.
The vendor has reportedly addressed this issue in SmarterMail 2.0.1837.
Smartermail version 2.0.1733 is reportedly affected; earlier versions may also be vulnerable.
Exploit / POC
SmarterTools SmarterMail Cross-Site Scripting Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
SmarterTools SmarterMail Cross-Site Scripting Vulnerability
Solution:
The vendor has addressed this issue in SmartMail 2.0.1837.
SmarterTools SmarterMail 2.0 .1733
Solution:
The vendor has addressed this issue in SmartMail 2.0.1837.
SmarterTools SmarterMail 2.0 .1733
-
SmarterTools SmarterMail 2.0.1837
http://www.smartertools.com/Products/SmarterMail/DL/V2.aspx
References
SmarterTools SmarterMail Cross-Site Scripting Vulnerability
References:
References:
- SmarterMail Product Page (SmarterTools)
- SmarterMail Release Notes (SmarterTools)