CVE-2003-1522

Pscs Vpop3 Web Mail Server - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SecuriTeam · textremotemultiple

https://www.exploit-db.com/exploits/23271

View Code ZIP pw:eip

References (4)

Core 4

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/8869

Various Sources x_refsource_misc

http://www.securiteam.com/windowsntfocus/6S00S008KW.html

Various Sources x_refsource_confirm

http://www.pscs.co.uk/products/vpop3/whatsnew.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/13459

Scores

EPSS 0.0056

EPSS Percentile 68.5%

Details

CWE

CWE-79

Status published

Products (2)

pscs/vpop3_web_mail_server 2.0e

pscs/vpop3_web_mail_server 2.0f

Published Dec 31, 2003

Tracked Since Feb 18, 2026