Headline
CVE-2009-1702: OVH mail
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects.
Log in to Webmail
Explore OVHcloud email solutions
Email Pro
From £1.99ex. VAT/monthor£2.39incl. VAT/month
1 email address
10GB storage
Data hosted in France
99.99% availability
Hosted Exchange
From £2.49ex. VAT/month/accountor£2.99incl. VAT/month/account
Data hosted in France
50GB or 300GB/account
Standard Exchange account
99.99% availability
Private Exchange
From £2.79ex. VAT/month/accountor£3.35incl. VAT/month/account
Standard Exchange account
Up to 300 users
50GB/account
Dedicated server
Dedicated IP
99.99% availability
Trusted Exchange
Dedicated hardware infrastructure
Multi-datacentre redundancy
ISO 27001 certified
From 2,000 user accounts
Customisable storage
99.99% SLA guaranteed
Migrate your email accounts easily for free
With the OVH Mail Migrator (OMM), you can securely migrate your external business email accounts to an OVHcloud account (and vice versa) for free.
This migration takes into account the essential elements of your source: emails, contacts, contact groups, tasks, calendars, schedules, rules and automatic replies.
This service is provided free of charge, and guarantees full reversibility.
There are many advantages to opting for our email solutions:
Accessibility from any device
99.99% guaranteed availability
A secure, sovereign environment for your data
A solution updated and maintained by our teams
Anti-spam and anti-virus protection
Anti-DDoS protection
Support and documentation
We offer a range of documentation and online support to assist you in setting up and configuring your email accounts.
Related news
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.