NuytsTech Security

CVE-2007-1991

by ·

Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927.

Date published : 2007-04-12

http://www.securityfocus.com/bid/23363

http://secunia.com/advisories/24812

Tags: