Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

0day Mailbird XSS

From: Henri Salo <henri () nerv fi>
Date: Fri, 22 May 2015 10:05:51 +0300
I created inquiry about this issue to their support and got two replies:

Leonardo Santoso, May 11, 12:50:
We are investigating this issue right now, I'll let you know once we know more
about it. Thank you for notifying us about it.

Leonardo Santoso, May 21, 17:50: This issue should be fix in the latest version,
please update your Mailbird.

Latest version after downloading the application is 2.0.16.0 dated as May 15,
which is still vulnerable to this cross-site scripting vulnerability. Nothing in
changelog about this case.

Mitigation: use different application :)

-- 
Henri Salo

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: