Cross-Site Scripting Vulnerability in MicroWorld Technologies MailScan Administration Interface
CVE-2008-3726

Currently unrated

Key Information:

Vendor: Microworld Technologies
Status: Mailscan
Vendor: CVE Published:; 20 August 2008

🔔 Create Microworld Technologies Vulnerability Alert

What is CVE-2008-3726?

The MicroWorld Technologies MailScan administration interface is vulnerable to a Cross-Site Scripting (XSS) attack. This flaw enables remote attackers to inject arbitrary web scripts or HTML into the interface via crafted URI requests. If exploited, the vulnerability can lead to unauthorized actions on behalf of legitimate users or stealing sensitive information. Organizations using MailScan 5.6.a espatch 1 should take immediate steps to secure their systems against potential exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44517

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/4172

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/30700

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2008
Vulnerability Reserved
Aug 20, 2008