Atmail Webmail 4.x < 4.6.1 (4.61) '' XSS

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.

Synopsis :

The remote web server contains an application that is affected by a
cross-site scripting vulnerability.

Description :

According to its version, the Atmail Webmail install on the remote
host is 4.x prior to 4.6.1 (4.61). It is, therefore, potentially
affected by an input-validate error in the file '' that could
allow cross-site scripting (XSS) attacks.

See also :

Solution :

Upgrade to Atmail Webmail 4.6.1 (4.61) or later.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: CGI abuses : XSS

Nessus Plugin ID: 73616 ()

Bugtraq ID:

CVE ID: CVE-2006-6702