WHID 2006-8: ICQmail.com - Mail2World.com XSS vulnerability

Links sent to a user as part of the mail content are not properly sanitized, so a user receiving such mail and activating a link would be affected.

Additional information:

Advisory: ICQmail.com & Mail2World.com (ms_inbox.asp Current_folder) XSS vulnerability [NukedX, Feb 25 2006]

Attack Method:

Cross Site Scripting (XSS)

Incident Outcome:

Disclosure Only

Add new comment