Описание
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.47-13ubuntu5.1 |
| devel | released | 0.53.2-3ubuntu1 |
| edgy | released | 0.53.2-3ubuntu1 |
| feisty | released | 0.53.2-3ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possib ...
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
EPSS
4.3 Medium
CVSS2