CVE-2006-3095

2006-06-1921:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the RETURNURL parameter in (1) userlogin.cfm and (2) account.cfm.

References

pridels0.blogspot.com/2006/06/ipostmx-2005-vuln.html

secunia.com/advisories/20697

www.osvdb.org/26522

www.osvdb.org/26523

www.securityfocus.com/bid/18460

www.vupen.com/english/advisories/2006/2382

exchange.xforce.ibmcloud.com/vulnerabilities/27140