Skip to content

Instantly share code, notes, and snippets.

@tonykuo76

tonykuo76/Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting.md Secret

Last active Oct 28, 2019
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting
Raw
Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting.md

Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting

Current Description

The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.

Details

The injection point is any parameter in "/cgi-bin/portal".

We execute arbitrary code via any paramemer.

Description

The code is executed for a user logining in to the Webmail, whenever login Page is displayed. This may allow the user to steal cookie-based authentication credentials.

Affected files

http://[Target Domain]/cgi-bin/portal

Contributor

  • Tony Kuo (CHT Security)
  • Vtim (CHT Security)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment