![$site['logo_alt']](/img/neosense-logo.png){kind=logo}
NeoSense iPlanet Messaging Server - Messenger Express Expression() HTML Injection
source: https://www.securityfocus.com/bid/20838/info
iPlanet Messaging Server Messenger Express is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker can exploit this issue to execute arbitrary JavaScript in the victim's browser.
<IMG style="width: expression(alert('expression'));">