CVE-2006-0091

2006-01-0511:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.0%

JSON

Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with “Inline HTML” enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline.

References

marc.info/?l=full-disclosure&m=113629092325679&w=2

secunia.com/advisories/18285

securitytracker.com/id?1015431

www.vupen.com/english/advisories/2006/0034