CVE-2008-6893

Description

Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer 7 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted img tag.

Affected products

• alt-n / worldclient10.0.2 – 10.0.2

References

• MISChttp://osvdb.org/50648
• MISChttp://www.securityfocus.com/bid/32776
• VENDOR_ADVISORYhttp://secunia.com/advisories/32885
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/47209
• MISChttp://files.altn.com/MDaemon/Release/RelNotes_en.txt