Cross-Site Scripting Vulnerabilities in AfterLogic WebMail Pro by AfterLogic
CVE-2009-4743

Currently unrated

Key Information:

Vendor

Afterlogic

Status
Webmail Pro
Vendor
CVE Published:
26 March 2010

What is CVE-2009-4743?

The AfterLogic WebMail Pro product is susceptible to multiple cross-site scripting vulnerabilities located in the 'history-storage.aspx' file. These vulnerabilities can be exploited by remote attackers who can inject arbitrary web scripts or HTML through the 'HistoryStorageObjectName' and 'HistoryKey' parameters. This leads to unauthorized actions on behalf of the user in the context of their session, emphasizing the importance of securing web applications against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/53672
vdb-entryx_refsource_XF
http://www.gardienvirtuel.com/fichiers/documents/publicat...
x_refsource_MISC
http://www.securityfocus.com/bid/36605
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.