Nenad Vijatov » Web Application Security http://blog.vijatov.com xor %ecx,%ecx Thu, 05 Aug 2010 23:14:55 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 PSCS VPOP3 Email Server Cross-Site Scripting Vulnerabilities http://blog.vijatov.com/2009/03/25/pscs-vpop3-email-server-cross-site-scripting-vulnerabilities/ http://blog.vijatov.com/2009/03/25/pscs-vpop3-email-server-cross-site-scripting-vulnerabilities/#comments Wed, 25 Mar 2009 18:24:44 +0000 Nenad Vijatov http://blog.vijatov.com/?p=64 I’ve discovered new XSS vulnerabilities in PSCS VPOP3 Enterprise Email server, exactly on Web Mail interface. Vulnerability version is 2.6.0j. Vendor is informed but isn’t published fix for this vulnerabilities yet, so for solution use a proxy or IPS to filter malicious characters.

Secunia confirmed and published this vulnerability.

]]> http://blog.vijatov.com/2009/03/25/pscs-vpop3-email-server-cross-site-scripting-vulnerabilities/feed/ 0