logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2005-3131

Description

Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to blank.html, or the createdataCX parameter to (2) calendar_d.html, (3) calendar_m.html, or (4) calendar_w.html.


Affected Software


CPE Name Name Version
merak:mail_server merak mail server 8.2.4r
icewarp:web_mail icewarp web mail 5.5.1

Related