2 matches found
CVE-2007-5649
Cross-site scripting XSS vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lostid parameter...
CVE-2007-5649
CVE-2007-5649 is a Cross-site Scripting (XSS) vulnerability in SocketMail 2.2.1 from Creative Digital Resources, exposed via lostpwd.php and the lost_id parameter. The NVD entry lists CVSS v2.0 base score 4.3 (Medium) with network access, required medium attack complexity, no authentication, and ...