This script is Copyright (C) 2008-2011 Tenable Network Security, Inc.
The remote host has an application that is affected by a cross-site
The remote host is running MailMarshal SMTP, a mail server for
The Spam Quarantine Management web component included with the version
of MailMarshal SMTP installed on the remote host is affected by a
persistent cross-site scripting vulnerability in its 'delegated spam
management' feature. By exploiting this issue, it may be possible for
an internal user to install a malicious program on another internal
user's (victim) computer, steal session cookies, or launch similar
Successful exploitation would require a victim to accept an email
invitation for delegated spam management from an attacker.
See also :
Upgrade to MailMarshal SMTP 6.4 or later.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 2.9
Public Exploit Available : true