Posted by Onur Yilmaz on Feb 03

Information
——————–
Advisory by Netsparker
Name: XSS Vulnerability in MailPoet Newsletters
Affected Software : MailPoet Newsletters
Affected Versions: v2.6.19 and possibly below
Vendor Homepage : http://www.mailpoet.com/
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE-ID : TBA
Status : Fixed
Netsparker Advisory Reference : NS-16-001

Description
——————–
By exploiting a Cross-site scripting…