#VU22858 Cross-site scripting in MAIL2000


Published: 2019-11-20

Vulnerability identifier: #VU22858

Vulnerability risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-15072

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MAIL2000
Mobile applications / Apps for mobile phones

Vendor: Openfind

Description

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data passed via any parameter in the "/cgi-bin/portal" file. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Install update from vendor's website.

Vulnerable software versions

MAIL2000: 6.0 - 7.0


External links
http://gist.github.com/chtsecurity/b3396500d4686ad47fb26f64967ef24a
http://gist.github.com/tonykuo76/5bf1ac369d953d5276afe0a2d04c2147
http://tvn.twcert.org.tw/taiwanvn/TVN-201909002
http://www.chtsecurity.com/download/0837ce00c27c73dd3ba3a0d4a7df3a41aaea1ac1e9831a5d61bb64ed484a3598.txt
http://www.openfind.com.tw/taiwan/resource.html
http://www.twcert.org.tw/en/cp-128-3086-ff35d-2.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability