Description
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability.
Exploits (1)
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://www.ipomonis.com/advisories/mdaemon.zip
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15815
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23551
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17990
Scores
EPSS
0.0054
EPSS Percentile
67.8%
Details
CWE
CWE-94
Status
published
Products (2)
alt-n/mdaemon
8.1.3
alt-n/worldclient
8.1.3
Published
Dec 13, 2005
Tracked Since
Feb 18, 2026