At a glance:
| ID | 10842 |
| Created | Aug 24, 2005 |
| Updated | Apr 23, 2014 |
| Severity |
|
| Coverage |
IPS (Regular DB)
IPS (Extended DB)
|
| Default Action | Unavailable |
| Active |
|
| Affected OS | |
| Affected App |
Legend
| Enabled/Available | 
|
| Disabled/Not Avaliable |
|
Refine Search
Intrusion Prevention
Mailtraq.Browse.ASP.XSS
Description
It indicates an attacker attempted a Cross Site Scripting attack against Mailtraq. Mailtraq does not properly sanitize HTTP requests which makes it vulnerable to Cross Site Scripting attacks. A malicious attacker can take advantage of this programming error by manipulating the "cfolder" URI parameter to the browse.asp script. The attacker then sends the link to the user if that link is opened by the user, the attacker supplied code will be executed.
Affected Products
Fastraq Mailtraq 2.2
Impact
Compromise of the affected system.
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.