Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting
===
## Current Description
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. 
This vulnerability affects many mail system of governments, organizations, companies and universities.


## Details
The injection point is any parameter in "/cgi-bin/portal".

### We execute arbitrary code via any paramemer.

#### Description
The code is executed for a user logining in to the Webmail, whenever login Page is displayed. This may allow the user to steal cookie-based authentication credentials.


#### Affected files
http://`[Target Domain]`/cgi-bin/portal


## Contributor
* Tony Kuo (CHT Security)
* Vtim (CHT Security)