Stored XSS Vulnerability in MailEnable before 8.60 via Malformed <img/src Usage

Stored XSS Vulnerability in MailEnable before 8.60 via Malformed <img/src Usage

CVE-2015-9279 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

MailEnable before 8.60 allows Stored XSS via malformed use of "<img/src" with no ">" character in the body of an e-mail message.

Learn more about our Web Application Penetration Testing UK.