CVE-2012-2573
Published: 2012-08-12
Priority: P418 · Severity: medium · CVSS 2.0 base score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Exploit: available
EPSS: 1.34% (67.8th percentile)
Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) an ONLOAD attribute of a BODY element, (5) a crafted SRC attribute of an IFRAME element, (6) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (7) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tdah | t-day_webmail | — | — |
No detection rules found.
Exploit-DB: T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Vulnerabilities (exploitdb, 2012-08-17)
---
#!/usr/bin/python
'''
# Exploit Title: T-dah Webmail Multiple Stored XSS issues.
# Date: 17/08/2012
# Exploit Author: Shai rod (@NightRang3r)
# Vendor Homepage: http://tdah.us/
# Software Link: http://sourceforge.net/projects/t-dahmail/files/latest/download?utm_expid=6384-3&utm_referrer=http%3A%2F%2Fsourceforge.net%2Fprojects%2Ft-dahmail%2F
# Version: 3.2.0
#Gr33Tz: @aviadgolan , @benhayak, @nirgoldshlager, @roni_bachar
About the Application:
T-dah is an Open Sourced Universal Webmail originally developed by Aldoir Ventura under the name Uebimiau in which we picked up late in 2007.
It is free and can be installed on any server that supports PHP.
Vulnerability Description
1. XSS In message body (HRE
Exploit-DB: T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting (exploitdb, 2012-08-08)
---
#!/usr/bin/python
'''
Author: loneferret of Offensive Security
Product: T-dah Webmail Client
Version: 3.2.0-2.3
Vendor Site: http://t-dahmail.sourceforge.net/index.php
Software Download: http://sourceforge.net/projects/t-dahmail/
Contact: http://t-dahmail.sourceforge.net/forum/
Timeline:
29 May 2012: Vulnerability reported to CERT
30 May 2012: Response received from CERT with disclosure date set to 20 Jul 2012
23 Jul 2012: Update from CERT: No response from vendor
08 Aug 2012: Public Disclosure
Installed On: Ubuntu Server LAMP 11.10
Client Test OS: Windows 7 Pro (x86) SP1
Browser Used: Internet Explorer 9
Injection Point: Body
Injection Payload(s):
1:
2: alert(String.fromCharCode(88,83,83))
3: ';alert(String.fromCh
No writeups or analysis indexed.