Cross-Site Scripting Vulnerability in NetWin SurgeMail by NetWin
CVE-2012-2575

Currently unrated

Key Information:

Vendor: Netwin
Status: Surgemail
Vendor: CVE Published:; 17 September 2012

What is CVE-2012-2575?

A cross-site scripting vulnerability exists in NetWin SurgeMail 6.0a4, enabling remote attackers to inject arbitrary web scripts or HTML. This can occur through the SRC attribute of an IFRAME element embedded in the body of an HTML email message, potentially compromising user data and enabling various malicious activities.

References

http://www.exploit-db.com/exploits/20363/

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 17, 2012

Netwin

What is CVE-2012-2575?

References

Timeline