logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2005-1488

Description

Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) the E-mail address, Note, or Public Certificate fields to address.html, (2) addressaction.html, (3) the Signature field to settings.html, or (4) the Shared calendars to calendarsettings.html.


Affected Software


CPE Name Name Version
icewarp:web_mail icewarp web mail 5.4.2
merak:mail_server merak mail server 8.0.3