CVE-2004-1100

Sažetak

Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.

Reference

http://www.kb.cert.org/vuls/id/107998
http://www.procheckup.com/security_info/vuln_pr0410.html
http://www.securityfocus.com/bid/11596
https://exchange.xforce.ibmcloud.com/vulnerabilities/17953

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

10-01-2005 - 05:00