Lucene search

[email protected]CVE-2005-2769

HistorySep 02, 2005 - 11:03 p.m.

CVE-2005-2769

2005-09-0223:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2005

2769

cross-site scripting

xss

vulnerability

sqwebmail

html

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.016 Low

EPSS

Percentile

87.5%

JSON

Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain “>” or other special characters, which is not properly sanitized by SqWebMail.

CPENameOperatorVersion
inter7:sqwebmailinter7 sqwebmaileq5.0.4

CPE	Name	Operator	Version
inter7:sqwebmail	inter7 sqwebmail	eq	5.0.4

References

marc.info/?l=bugtraq&m=112534112715638&w=2

seclists.org/fulldisclosure/2005/Aug/975

secunia.com/advisories/16600/

secunia.com/advisories/17156

secunia.com/secunia_research/2005-39/advisory/

www.securityfocus.com/bid/14676

www.ubuntu.com/usn/usn-201-1

exchange.xforce.ibmcloud.com/vulnerabilities/22043

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.016 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2005-2769

debiancve1 ubuntucve1 osv1 openvas1 ubuntu1 nessus2