Cross-Site Scripting (XSS) Vulnerabilities in AtMail Open 1.04

Cross-Site Scripting (XSS) Vulnerabilities in AtMail Open 1.04

CVE-2011-4540 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote attackers to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php.

Learn more about our Web App Pen Testing.