CVE-2012-2587

AfterLogic MailSuite Pro 6.3 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of (1) an IFRAME element or (2) a SCRIPT element.

Exploits (1)

exploitdb WORKING POC VERIFIED

by loneferret · pythonwebappswindows

https://www.exploit-db.com/exploits/20352

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/20352/

Scores

EPSS 0.0036

EPSS Percentile 58.1%

Details

CWE

CWE-79

Status published

Products (1)

afterlogic/mailsuite_pro 6.3

Published Aug 12, 2012

Tracked Since Feb 18, 2026