5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
65.0%
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.
marc.info/?l=bugtraq&m=111159967417903&w=2
netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.surgemail&item=8814&utag=
secunia.com/advisories/14658
www.security.org.sg/vuln/surgemail22g3.html