Hello all, Its a forward message from openwebmail bugtraq system with the problem and the solution ;-) ---------- Forwarded Message ----------- From: "openwebmail" <openwebmail@xxxxxxxxxxxxxxxxxxxxx> To: "aramosf" <aramosf@xxxxxxxxx> Sent: Thu, 3 Jun 2004 20:30:07 +0800 Subject: Re: XSS bug. On Wed, 2 Jun 2004 18:15:06 +0200, aramosf wrote > Hello, > > I tried to exploit openwebmail 2.32 (latest stable) with the same > adv of SquireMail from RomanSoft, http://www.rs-labs.com/adv/RS-Labs- > Advisory-2004-1.txt, and the openwebmail is vulnerable too. > > -- > A. Ramos <aka dab> > http://www.unsec.net Hi, Thanks for the bug report, it has been fixed in the latest openwebmail-current.tgz. Regards. tung -- Distributed System Laboratory (http://dslab.ee.ncku.edu.tw) Department of Electrical Engineering National Cheng Kung University, Tainan, Taiwan, R.O.C. ------- End of Forwarded Message ------- -- A. Ramos <aka dab> http://www.unsec.net
