Cross-Site Scripting Vulnerabilities in SmarterMail by SmarterTools
CVE-2012-2578

Currently unrated

Key Information:

Vendor

Smartertools

Status
Smartermail
Vendor
CVE Published:
19 September 2012

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2012-2578?

Multiple cross-site scripting (XSS) vulnerabilities exist in SmarterMail 9.2, enabling remote attackers to inject arbitrary web scripts or HTML through an email message body. These vulnerabilities can be exploited using methods such as JavaScript alert functions in conjunction with fromCharCode, inserting SCRIPT elements, manipulating CSS expression properties in the STYLE attribute, or altering innerHTML attributes within XML documents. Attackers could leverage these weaknesses to achieve unauthorized access or perform actions on behalf of users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2012-2578 - Proof of Concept

References

http://www.exploit-db.com/exploits/20362/
exploitx_refsource_EXPLOIT-DB

Timeline

  • Vulnerability Reserved

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

JSON
.