MailPost.exe Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 2386
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is using a version of TIPS MailPost that is vulnerable to several flaws.
TIPS MailPost is an HTML form content email application designed to facilitate
the emailing of HTML form data to a third party.
There are various flaws in the remote version of this software :
- A remote file enumeration vulnerability that may allow an attacker to determine if a file exists or not
- Two cross-site scripting vulnerabilities that may allow an attacker to steal the cookies of third-parties users
- An information disclosure vulnerability that may allow an attacker to gain more information about the remote host
SolutionUpgrade or patch according to vendor recommendations.