CVE-2011-4541
Hastymail2 2.1.1 - Cross-Site Scripting via rs Parameter in Drafts Action
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-4541. PoCs published by HTrovao.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Hastymail2 2.1.1 by injecting a malicious script via the 'rs' POST parameter. The vulnerability arises due to insufficient sanitization of user-supplied data.
Description
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote attackers to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Hastymail2 2.1.1 by injecting a malicious script via the 'rs' POST parameter. The vulnerability arises due to insufficient sanitization of user-supplied data.