[VIM] Helm Control Panel followup

security curmudgeon jericho at attrition.org
Mon Mar 27 11:22:35 EST 2006

---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: WebHost Automation Ltd <sales at webhostautomation.com>
Date: Mon, 27 Mar 2006 11:22:10 -0500 (EST)
Subject: Re: Your account details (WHA15946)


I signed up to be able to mail support a question regarding your product,
but it says that since I don't have a contract I can't do that. Hopefully
you will be able to forward this on to the appropriate people.

Recently, a few security vulnerabilities were reported in one of your


The above reports says there are some cross-site scripting (XSS) issues in
default.asp. This report says that 3.2.10 is vulnerable but I noticed the
product history lists the following:


Fixed XSS entry in default page

Can you confirm these are seperate issues? Does this changelog entry note
a previous (but different) cross-site scripting issue?



More information about the VIM mailing list