This script is Copyright (C) 2008-2011 Tenable Network Security, Inc.
The remote web server contains a script that is affected by a cross-
site scripting vulnerability.
The remote host is running IceWarp Merak Mail Server, a webmail server
for Windows and Linux.
The remote version of IceWarp fails to sanitize user input to the
'message ' parameter of the 'admin/index.html' script before using it
to generate dynamic content. An unauthenticated, remote attacker may
be able to leverage this issue to inject arbitrary HTML or script code
into a user's browser to be executed within the security context of
the affected site.
Unknown at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true