Description
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ulf Harnhammar · textwebappsphp
https://www.exploit-db.com/exploits/21570
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5060
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/9384
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0117.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/277710
Scores
EPSS
0.0066
EPSS Percentile
71.1%
Details
Status
published
Products (1)
basilix/basilix_webmail
1.1.0
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026