This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote webmail server is affected by a cross-site scripting
According to its banner, the remote host is running a version of
Kerio MailServer prior to 6.6.2 Patch 3 or 6.7.0 Patch 1. The webmail
component of such versions is reportedly affected by a cross-site
scripting vulnerability on the Integration page.
Successful exploitation of this issue could lead to execution of
arbitrary HTML and script code in a user's browser within the security
context of the affected site.
See also :
Upgrade to Kerio MailServer 6.6.2 Patch 3 / 6.7.0 Patch 1 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true