Description
Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Abraham Lincoln · textwebappscgi
https://www.exploit-db.com/exploits/21728
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9905.php
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0183.html
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5507
Scores
EPSS
0.0088
EPSS Percentile
75.5%
Details
Status
published
Products (3)
kerio/kerio_mailserver
5.0
kerio/kerio_mailserver
5.1
kerio/kerio_mailserver
5.1.1
Published
Apr 11, 2003
Tracked Since
Feb 18, 2026