CVE-2002-1434

Опубликовано: 11 апр. 2003

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-08/0183.html
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9905.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5507
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-08/0183.html
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9905.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5507
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:kerio:kerio_mailserver:5.0:*:*:*:*:*:*:*

cpe:2.3:a:kerio:kerio_mailserver:5.1:*:*:*:*:*:*:*

cpe:2.3:a:kerio:kerio_mailserver:5.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00879

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5j3g-v6vc-vj66

github

почти 4 года назад