Описание
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.47-13ubuntu5.1 |
| devel | released | 0.53.2-3ubuntu1 |
| edgy | released | 0.53.2-3ubuntu1 |
| feisty | released | 0.53.2-3ubuntu1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type.
Cross-site scripting (XSS) vulnerability in the print_header_uc functi ...
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type.
EPSS
6.8 Medium
CVSS2