Lucene search
HistorySep 17, 2012 - 2:55 p.m.
CVE-2012-2575
cve-2012-2575
xss
netwin
surgemail
6.0a4
vulnerability
web script
html
iframe
e-mail
6.3 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.7%
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| netwin:surgemail | netwin surgemail | eq | 6.0 |
References
Related
cvelist
cvelist
CVE-2012-2575
2022-10-03 16:15:37
prion
prion
Cross site scripting
2012-09-17 14:55:00
6.3 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.7%
Related for CVE-2012-2575