IMP Content-Type XSS Vulnerability

Article ID: 12263
Last updated: 27 Jan, 2009
Views: 438
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.

This script is Copyright (C) 2004-2008 George A. Theall

Family: CGI abuses : XSS
Plugin ID: 12263
Bugtraq ID: 10501
CVE ID: CVE-2004-0584

Description:

The remote server is running at least one instance of IMP whose version
number is between 2.0 and 3.2.3 inclusive. Such versions are vulnerable
to a cross-site scripting attack whereby an attacker may be able to cause a
victim to unknowingly run arbitrary JavaScript code simply by reading a
MIME message with a specially crafted Content-Type header.

For information about the vulnerability, including exploits, see:

- http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-2.txt
- http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt

Note: This script has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there; it has
not attempted to actually exploit the vulnerability.

Solution : Upgrade to IMP version 3.2.4 or later.
Risk factor : High