---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: SqWebMail Conditional Comments Script Insertion Vulnerability SECUNIA ADVISORY ID: SA16704 VERIFY ADVISORY: http://secunia.com/advisories/16704/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: >From remote SOFTWARE: SqWebMail 3.x http://secunia.com/product/2553/ SqWebMail 4.x http://secunia.com/product/3601/ SqWebMail 5.x http://secunia.com/product/4989/ DESCRIPTION: Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks. The vulnerability is caused due to SqWebMail allowing usage of e.g. the "