This host is running Aker Secure Mail Gateway and is prone to cross-site scripting vulnerability.
Successful exploitation will allow attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact Level: Application
Apply the patch from below link, http://www.aker.com.br/produtos/aker-secure-mail-gateway
Input passed via the 'msg_id' GET parameter to webgui/cf/index.php is not properly sanitised before being returned to the user.
Aker Secure Mail Gateway version 2.5.2 and prior
Send a crafted data via HTTP GET request and check whether it is able to read cookie or not.
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- Apache Tomcat Directory Listing and File disclosure
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities