CVE-2004-2494

Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter.

Date published : 2005-10-25

http://www.securityfocus.com/bid/10695

http://members.lycos.co.uk/r34ct/main/Ability_mail_server_1.18.txt