SmarterMail Attachment Upload XSS
Medium Nessus Network Monitor Plugin ID 2579
SynopsisThe remote host is running SmarterMail.
DescriptionThe remote host is running SmarterMail. SmarterMail is a web interface to a mail server. This version of SmarterMail is vulnerable to a Cross-Site Scripting (XSS) vulnerability. An attacker exploiting this flaw would need to be able to convince a user to click on a malicious link. A successful attack would give the attacker the ability to run code within the client browser.
SolutionUpgrade or patch according to vendor recommendations.