RM EasyMail Plus - Cross-Site Scripting Vulnerability #2 This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title. Vulnerable E-Mail Title: </title><script>alert(1)</script> Vulnerable: RM EasyMail Plus Google d0rk: intitle:"Powered by RM EasyMail Plus" John Martinelli john@xxxxxxxxxxxxxx RedLevel Security RedLevel.org May 19th, 2007