### [CVE-2012-2593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2593)
![](https://img.shields.io/static/v1?label=Product&message=Atmail%20Webmail%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-Site%20Scripting&color=brightgreen)

### Description

Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/AndrewTrube/CVE-2012-2593
- https://github.com/BLACKHAT-SSG/OSWE-Preparation-
- https://github.com/MdTauheedAlam/AWAE-OSWE-Notes
- https://github.com/PwnAwan/OSWE-Preparation-
- https://github.com/R0B1NL1N/OSWE
- https://github.com/Xcod3bughunt3r/OSWE
- https://github.com/cyb3r-w0lf/nuclei-template-collection
- https://github.com/kymb0/web_study
- https://github.com/mishmashclone/ManhNho-AWAE-OSWE
- https://github.com/mishmashclone/sailay1996-offsec_WE
- https://github.com/mishmashclone/timip-OSWE
- https://github.com/sailay1996/offsec_WE
- https://github.com/timip/OSWE
- https://github.com/zer0byte/AWAE-OSWP