The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
The injection point is any parameter in "/cgi-bin/portal".
The code is executed for a user logining in to the Webmail, whenever login Page is displayed. This may allow the user to steal cookie-based authentication credentials.
http://[Target Domain]
/cgi-bin/portal
- Tony Kuo (CHT Security)
- Vtim (CHT Security)