CVE-2005-0445

Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.

Date published : 2005-02-15

http://www.securityfocus.com/bid/12547

http://turtle.ee.ncku.edu.tw/openwebmail/doc/changes.txt