Description
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ken@FTU · textwebappsasp
https://www.exploit-db.com/exploits/21924
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10319.php
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5928
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html
Scores
EPSS
0.0088
EPSS Percentile
75.5%
Details
Status
published
Products (3)
surfcontrol/superscout_email_filter
3.5
surfcontrol/superscout_email_filter
3.5.1
surfcontrol/superscout_email_filter
4.0
Published
Mar 31, 2003
Tracked Since
Feb 18, 2026