Количество 3
Количество 3
CVE-2005-4080
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.
CVE-2005-4080
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 ...
GHSA-8xjp-h5q2-g6vf
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2005-4080 Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters. | CVSS2: 4.3 | 1% Низкий | почти 20 лет назад |
| CVE-2005-4080 Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 ... | CVSS2: 4.3 | 1% Низкий | почти 20 лет назад |
| GHSA-8xjp-h5q2-g6vf Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters. | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу