![$site['logo_alt']](/img/neosense-logo.png){kind=logo}
NeoSense Mirapoint Web Mail - 'Expression()' HTML Injection
source: https://www.securityfocus.com/bid/20840/info
Mirapoint Web Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker can exploit this issue to execute arbitrary JavaScript in the victim's browser.
<IMG style="width: expression(alert('expression'));">