Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2002-0738HistoryAug 12, 2002 - 4:00 a.m.
CVE-2002-0738
2002-08-1204:00:00
Debian Security Bug Tracker
security-tracker.debian.org
5
0.011 Low
EPSS
Percentile
84.6%
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using “&={script}” syntax.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mhonarc | < 2.5.11-1 | mhonarc_2.5.11-1_all.deb |
| Debian | 11 | all | mhonarc | < 2.5.11-1 | mhonarc_2.5.11-1_all.deb |
| Debian | 10 | all | mhonarc | < 2.5.11-1 | mhonarc_2.5.11-1_all.deb |
| Debian | 999 | all | mhonarc | < 2.5.11-1 | mhonarc_2.5.11-1_all.deb |
| Debian | 13 | all | mhonarc | < 2.5.11-1 | mhonarc_2.5.11-1_all.deb |
Related
osv
osv
mhonarc - cross site scripting
2002-09-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 163-1 (mhonarc)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-163)
2008-01-17 00:00:00
debian
debian
nessus
nessus
Debian DSA-163-1 : mhonarc - XSS
2004-09-29 00:00:00
CGI Generic XSS (comprehensive test)
2010-07-26 00:00:00
cve
cve
CVE-2002-0738
2002-08-12 04:00:00