Detections
Analytics
SmarterMail Attachment Upload XSS
low Nessus Network Monitor Plugin ID 2579
Synopsis
The remote host is running SmarterMail.Description
The remote host is running SmarterMail. SmarterMail is a web interface to a mail server. This version of SmarterMail is vulnerable to a Cross-Site Scripting (XSS) vulnerability. An attacker exploiting this flaw would need to be able to convince a user to click on a malicious link. A successful attack would give the attacker the ability to run code within the client browser.Solution
Upgrade or patch according to vendor recommendations.See Also
http://www.smartertools.com/SmarterMail/Free-Windows-Mail-Server.aspx