Description
Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail allows remote attackers to inject arbitrary web script or HTML via the acao parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Carlos Ulver · textwebappscgi
https://www.exploit-db.com/exploits/24779
References (4)
Core 4
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110140029419018&w=2
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/13188/
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11758
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18268
Scores
EPSS
0.0473
EPSS Percentile
89.5%
Details
Status
published
Products (2)
insite/inmail
insite/inshop
Published
Jan 10, 2005
Tracked Since
Feb 18, 2026