CVE-2002-1958

kmMail 1.0, 1.0a, 1.0b - Cross-Site Scripting via HTML Attributes or Subject Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1958. PoCs published by Ulf Harnhammar.

AI-analyzed exploit summary This exploit demonstrates an XSS vulnerability in kmMail by embedding arbitrary HTML and script code in an email message. The provided PoC uses a simple onMouseOver event to trigger an alert, showcasing the lack of input sanitization.

Description

Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Ulf Harnhammar · textwebappsphp
https://www.exploit-db.com/exploits/21956

This exploit demonstrates an XSS vulnerability in kmMail by embedding arbitrary HTML and script code in an email message. The provided PoC uses a simple onMouseOver event to trigger an alert, showcasing the lack of input sanitization.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: kmMail (version not specified)
No auth needed
Prerequisites: Victim must open the malicious email in kmMail
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5173
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6013

Scores

EPSS 0.0170
EPSS Percentile 74.2%

Details

CWE
CWE-79
Status published
Products (3)
kmmail/kmmail 1.0
kmmail/kmmail 1.0a
kmmail/kmmail 1.0b
Published Dec 31, 2002
Tracked Since Feb 18, 2026