Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0520

Опубликовано: 18 авг. 2004
Источник: nvd
CVSS2: 6.8
EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*
cpe:2.3:a:open_webmail:open_webmail:2.31:*:*:*:*:*:*:*
cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.5_dev:*:*:*:*:*:*:*

EPSS

Процентиль: 95%
0.18726
Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2004-0520

redhat
около 21 года назад

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

debian логотип

CVE-2004-0520

debian
почти 21 год назад

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail ...

github логотип

GHSA-5vvf-4w4f-hj33

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

EPSS

Процентиль: 95%
0.18726
Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other