EIP-2026-103947
PRE-CVEiPlanet Messaging Server 5.0/5.1 - HTML Attachment Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-103947. PoCs published by KernelPanikLabs.
AI-analyzed exploit summary The exploit demonstrates a cross-site scripting (XSS) vulnerability in iPlanet Messaging Server by embedding malicious JavaScript in an HTML attachment. The provided code shows a simple alert-based XSS and a more advanced example using ActiveXObject for session hijacking via web redirection.
Description
iPlanet Messaging Server 5.0/5.1 - HTML Attachment Cross-Site Scripting
Exploits (1)
The exploit demonstrates a cross-site scripting (XSS) vulnerability in iPlanet Messaging Server by embedding malicious JavaScript in an HTML attachment. The provided code shows a simple alert-based XSS and a more advanced example using ActiveXObject for session hijacking via web redirection.