# ----------------------------------------------------------- # _____ _ _ _ _ # / ____(_) | | | | | # | | _| |_ __ _ __| | ___| | # | | | | __/ _` |/ _` |/ _ \ | # | |____| | || (_| | (_| | __/ | # \_____|_|\__\__,_|\__,_|\___|_| # # ----------------------------------------------------------- # T-dah Webmail CSRF & Stored XSS # Bug discovered by Pr0T3cT10n AKA Yakir Wizman, # Date 17/08/2012 # Download - http://sourceforge.net/projects/t-dahmail/files/latest/download?utm_expid=6384-3&utm_referrer=http%3A%2F%2Fsourceforge.net%2Fprojects%2Ft-dahmail%2F # ISRAEL # ----------------------------------------------------------- # Author will be not responsible for any damage. # ----------------------------------------------------------- # PoC EXPLOIT # ----------------------------------------------------------- Tdah Webmail - CSRF & XSS Attack