Lucene search

[email protected]CVE-2005-1282

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1282

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve

2005

1282

cross-site scripting

xss

argosoft mail server pro

webmail interface

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface.

Affected configurations

NVD

Node

argosoftargosoft_mail_serverMatch1.8.7.6pro

CPENameOperatorVersion
argosoft:argosoft_mail_serverargosoft argosoft mail servereq1.8.7.6

CPE	Name	Operator	Version
argosoft:argosoft_mail_server	argosoft argosoft mail server	eq	1.8.7.6

References

marc.info/?l=bugtraq&m=111419001527077&w=2

secunia.com/advisories/15100

www.securityfocus.com/bid/13326

exchange.xforce.ibmcloud.com/vulnerabilities/20225

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Related for CVE-2005-1282

cvelist1 nvd1 nessus1