CVE-2005-0846

2005-03-2405:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.

References

marc.info/?l=bugtraq&m=111159967417903&w=2

netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.surgemail&item=8814&utag=

secunia.com/advisories/14658

www.security.org.sg/vuln/surgemail22g3.html