VULHUB ™

Sun ONE and iPlanet Messaging Server are prone to an HTML injection vulnerability. This issue exists in the Webmail facility and may be exploited by injecting hostile HTML and script code through emails. When such an email is read by a user of the Webmail system, attacker-supplied HTML and script code could be rendered in their browser. This may facilitate session hijacking, ultimately allowing for compromise of Webmail accounts. Other attacks are also possible.

Sun ONE and iPlanet Messaging Server are prone to an HTML injection vulnerability. This issue exists in the Webmail facility and may be exploited by injecting hostile HTML and script code through emails. When such an email is read by a user of the Webmail system, attacker-supplied HTML and script code could be rendered in their browser. This may facilitate session hijacking, ultimately allowing for compromise of Webmail accounts. Other attacks are also possible.