CVE-2004-1130

Sažetak

Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments.

Reference

http://marc.info/?l=bugtraq&m=110137313329955&w=2
http://www.security.org.sg/vuln/cmailserver52.html
http://www.securityfocus.com/bid/11742
https://exchange.xforce.ibmcloud.com/vulnerabilities/18280

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

10-01-2005 - 05:00