Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Dada Mail < 2.10 alpha 1 Archived Message XSS



The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.


The remote host is running Dada Mail, a mailing list management system. This version of Dada Mail is vulnerable to a remote HTML injection attack. An attacker exploiting this flaw would typically upload HTML (or script) code to the webserver. Unsuspecting users, upon visiting the malicious portion of the site, would have code executed within their browser. This can lead to theft of confidential data (such as authentication cookies).


Upgrade to version 2.10 alpha 1 or higher.