Lucene search

[email protected]NVD:CVE-2003-0160

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2003-0160

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client’s web browser.

Affected configurations

Nvd

Node

squirrelmailsquirrelmailRange≤1.2.11

VendorProductVersionCPE
squirrelmailsquirrelmail*cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
squirrelmail	squirrelmail	*	cpe:2.3:a:squirrelmail:squirrelmail::::::::

References

sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988

www.redhat.com/support/errata/RHSA-2003-112.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A614

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.6%

JSON

Related for NVD:CVE-2003-0160

cvelist1 cve1