2000-02-04 05:00:00
mitre
PUBLISHED
Hotmail does not properly filter JavaScript code from a users mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.