EIP-2026-119341
PRE-CVEAbility Mail Server 2013 -Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-119341. PoCs published by David Um.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in AMS WebMail on Windows Server 2003, allowing an attacker to reset a user's password via a crafted email containing malicious JavaScript. The PoC includes steps to configure the environment, host the exploit files, and execute the attack to bypass authentication.
Description
Ability Mail Server 2013 -Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset)
Exploits (1)
This exploit demonstrates a CSRF vulnerability in AMS WebMail on Windows Server 2003, allowing an attacker to reset a user's password via a crafted email containing malicious JavaScript. The PoC includes steps to configure the environment, host the exploit files, and execute the attack to bypass authentication.