https://www.exploit-db.com/exploits/24722
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200501-177

MailPost是一个32位Windows系统中WebServer的CGI程序。MailPost5.1.1sv及之前版本中的mailpost.exe存在拒绝服务、信息泄露、跨站脚本攻击多种漏洞。

source: http://www.securityfocus.com/bid/11598/info

MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and script code in a user's browser through a malicious error message returned from the application. 

This attack would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. 

MailPost 5.1.1sv is reported prone to this issue. It is possible that other versions are affected as well.

http://www.example.com/scripts/mailpost.exe/<script>alert('hi')</script>/mail.txt

来源:US-CERT
名称:VU#596046
链接:http://www.kb.cert.org/vuls/id/596046
来源:XF
名称:mailpost-slash-xss(17951)
链接:http://xforce.iss.net/xforce/xfdb/17951
来源:BID
名称:11598
链接:http://www.securityfocus.com/bid/11598
来源:MISC
链接:http://www.procheckup.com/security_info/vuln_pr0411.html