Rockliffe.MailSite.HTTP.Mail.Management.XSS

description-logoDescription

It indicates a possible exploit of a cross-site scripting vulnerability in WCONSOLE.DLL, in Rockliffe MailSite, that may allow remote attackers to inject an arbitrary web script or HTML via the query string.

affected-products-logoAffected Products

Rockliffe MailSite 7.0.3 1
Rockliffe MailSite 6.1.22
Rockliffe MailSite 5.3.4
Rockliffe MailSite 5

Impact logoImpact

Stealing cookie based information.

recomended-action-logoRecommended Actions

The vendor has released hotfixes to address this issue.
ftp://ftp.rockliffe.com/MailSite/6.1.22/Hotfixes/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-25 13.457