Rockliffe.MailSite.HTTP.Mail.Management.XSS
Description
It indicates a possible exploit of a cross-site scripting vulnerability in WCONSOLE.DLL, in Rockliffe MailSite, that may allow remote attackers to inject an arbitrary web script or HTML via the query string.
Affected Products
Rockliffe MailSite 7.0.3 1
Rockliffe MailSite 6.1.22
Rockliffe MailSite 5.3.4
Rockliffe MailSite 5
Impact
Stealing cookie based information.
Recommended Actions
The vendor has released hotfixes to address this issue.
ftp://ftp.rockliffe.com/MailSite/6.1.22/Hotfixes/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-25 | 13.457 |