CVE-2002-1434
Kerio MailServer 5.0 - Cross-Site Scripting in Web Mail Module
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1434. PoCs published by Abraham Lincoln.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Kerio Mailserver's web mail component. The PoC provides malicious URLs that, when accessed by a victim, execute arbitrary JavaScript code in the context of the user's session.
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Kerio Mailserver's web mail component. The PoC provides malicious URLs that, when accessed by a victim, execute arbitrary JavaScript code in the context of the user's session.