This script is Copyright (C) 2004-2015 George A. Theall
A remote web application may be vulnerable to cross-site scripting.
The target is running at least one instance of Open WebMail whose
version is 2.32 or earlier. Such versions are vulnerable to a cross-
site scripting attack whereby an attacker can cause a victim to
with a specially crafted Content-Type or Content-Description header.
For further information, see :
***** Nessus has determined the vulnerability exists on the target
***** simply by looking at the version number of Open WebMail
***** installed there.
Upgrade to Open WebMail version 2.32 20040603 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 12262 ()
Bugtraq ID: 10667
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.