Lucene search

[email protected]CVE-2004-1100

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1100

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1100

cross-site scripting

xss

mailpost

vulnerability

security

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.5%

JSON

Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.

Affected configurations

NVD

Node

tipsmailpostMatch5.1.1sv

CPENameOperatorVersion
tips:mailposttips mailposteq5.1.1sv

CPE	Name	Operator	Version
tips:mailpost	tips mailpost	eq	5.1.1sv

References

www.kb.cert.org/vuls/id/107998

www.procheckup.com/security_info/vuln_pr0410.html

www.securityfocus.com/bid/11596

exchange.xforce.ibmcloud.com/vulnerabilities/17953

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.5%

JSON

Related for CVE-2004-1100

nvd1 cvelist1