#12 Security Hole

[Anonymous]

A vulnerability exists in Null Webmail. If NWM fetches
a message with a subject of "a</a>...", the text behind
the closing tag is parsed as HTML/script depending on
how it is written.