Lucene search
K

101 matches found

Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.23 views

Ubuntu 4.10 / 5.04 : courier vulnerabilities (USN-201-1)

Several Cross Site Scripting vulnerabilities were discovered in SqWebmail. A remote attacker could exploit this to execute arbitrary JavaScript or other active HTML embeddable content in the web browser of an SqWebmail user by sending specially crafted emails to him. Please note that the...

4.3CVSS5.6AI score0.0273EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2005/10/12 1:14 a.m.52 views

USN-201-1: SqWebmail vulnerabilities

Several Cross Site Scripting vulnerabilities were discovered in SqWebmail. A remote attacker could exploit this to execute arbitrary JavaScript or other active HTML embeddable content in the web browser of an SqWebmail user by sending specially crafted emails to him. Please note that the...

4.3CVSS5.5AI score0.0273EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.24 views

Debian DSA-820-1 : courier - missing input sanitising

Jakob Balle discovered that with 'Conditional Comments' in Internet Explorer it is possible to hide JavaScript code in comments that will be executed when the browser views a malicious email via sqwebmail. Successful exploitation requires that the user is using Internet Explorer. %NASLMINLEVEL...

4.3CVSS5.5AI score0.02172EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/09/26 12:0 a.m.43 views

[SECURITY] [DSA 820-1] New courier packages fix cross-site scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 820-1 [email protected] http://www.debian.org/security/ Martin Schulze September 24th, 2005 http://www.debian.org/security/faq -...

4.3CVSS0.1AI score0.02172EPSS
Exploits0
securityvulns
securityvulns
added 2005/09/26 12:0 a.m.22 views

Courier mail server crossite scripting

Internet Explorer Conditional Comments crossite scripting with sqwebmail...

2.3AI score
Exploits0References1Affected Software1
OSV
OSV
added 2005/09/24 12:0 a.m.21 views

DSA-820-1 courier - missing input sanitising

Bulletin has no description...

4.3CVSS6.1AI score0.0273EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2005/09/07 7:7 p.m.17 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS6AI score0.02172EPSS
Exploits0References2
OSV
OSV
added 2005/09/07 7:7 p.m.2 views

DEBIAN-CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.7AI score0.02172EPSS
Exploits0References1
NVD
NVD
added 2005/09/07 7:7 p.m.19 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.5AI score0.02172EPSS
Exploits0References8
OSV
OSV
added 2005/09/07 7:7 p.m.6 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

5.5AI score
Exploits0References8
CVE
CVE
added 2005/09/07 4:0 a.m.55 views

CVE-2005-2820

CVE-2005-2820 is an XSS vulnerability in SqWebMail courier (Conditional Comments in Internet Explorer). The root cause is missing input sanitising in the courier/sqwebmail handling of HTML in emails, allowing remote attackers to inject script via crafted messages. Affected: SqWebMail courier depl...

4.3CVSS5.4AI score0.02172EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2005/09/07 4:0 a.m.21 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

5.4AI score0.02172EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2005/09/07 4:0 a.m.38 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.6AI score0.02172EPSS
Exploits0
securityvulns
securityvulns
added 2005/09/06 12:0 a.m.25 views

[Full-disclosure] Secunia Research: SqWebMail Conditional Comments Script Insertion Vulnerability

====================================================================== Secunia Research 06/09/2005 - SqWebMail Conditional Comments Script Insertion Vulnerability - ====================================================================== Table of Contents Affected...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/09/06 12:0 a.m.22 views

Debian DSA-793-1 : courier - missing input sanitising

Jakob Balle discovered a vulnerability in the handling of attachments in sqwebmail, a web mail application provided by the courier mail suite, which can be exploited by an attacker to conduct script insertion attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

4.3CVSS5.4AI score0.0273EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2005/09/02 11:3 p.m.22 views

CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

4.3CVSS6.1AI score0.0273EPSS
Exploits1References2
NVD
NVD
added 2005/09/02 11:3 p.m.18 views

CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

4.3CVSS5.7AI score0.0273EPSS
Exploits1References8
OSV
OSV
added 2005/09/02 11:3 p.m.5 views

CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

5.7AI score
Exploits0References9
OSV
OSV
added 2005/09/02 11:3 p.m.12 views

DEBIAN-CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

4.3CVSS5.8AI score0.0273EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/09/02 4:0 a.m.21 views

CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

5.6AI score0.0273EPSS
Exploits1References8
Rows per page
Query Builder