The remote web server contains a CGI script that is affected by a
cross-site scripting flaw.
Description :
The remote host is running a version of SqWebMail that does not
properly sanitize user-supplied input through the redirect
parameter. An attacker can exploit this flaw to inject arbitrary HTML
and script code into a users browser to be executed within the
context of the affected web site. Such attacks could lead to session
cookie and password theft for users who read mail with SqWebMail.
