Multiple vulnerabilities in Hushmail.com

["Calum Power" <enune () hush ai>]

Hello Bugtraq,

There has been 2 vulnerabilities found in the secure Hushmail.com webmail/data
storage service.
One is a Cross-Site-Scripting vulnerability, and is discussed in the
attached advisory. This has now been fixed.

The second is currently in the progress of being fixed, and because of
this I will not be releasing details until the vulnerability is repaired.
When I do, they will be posted on my website (http://www.fribble.net/security.php)

Cheers,

Calum Power
- Cultural Jammer
- Security Enthusiast
- Hopeless Cynic
http://www.fribble.net

Attachment: hushmail_09-03-04.txt
Description: