Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026
CVE-2002-0411
CVE-2002-0411
Description
Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.
Affected products
6cpe:2.3:a:aeromail:aeromail:1.02:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:aeromail:aeromail:1.02:*:*:*:*:*:*:*
- cpe:2.3:a:aeromail:aeromail:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:aeromail:aeromail:1.20:*:*:*:*:*:*:*
- cpe:2.3:a:aeromail:aeromail:1.26:*:*:*:*:*:*:*
- cpe:2.3:a:aeromail:aeromail:1.30:*:*:*:*:*:*:*
- cpe:2.3:a:aeromail:aeromail:1.40:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.iss.net/security_center/static/8346.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/4215nvdPatchVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2002-03/0004.htmlnvdExploitVendor Advisory
- the.cushman.net/projects/aeromail/download/aeromail-1.45.tar.gznvd
News mentions
0No linked articles in our index yet.