Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter.
- https://github.com/fa1c0n1/fa1c0n-vim/blob/master/temp/core_tmp.md
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/tzwlhack/Vulnerability