6.8
CVE-2004-0519
- EPSS 22.53%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squirrelmail ≫ Squirrelmail Version1.0.4
Squirrelmail ≫ Squirrelmail Version1.0.5
Squirrelmail ≫ Squirrelmail Version1.2.0
Squirrelmail ≫ Squirrelmail Version1.2.1
Squirrelmail ≫ Squirrelmail Version1.2.2
Squirrelmail ≫ Squirrelmail Version1.2.3
Squirrelmail ≫ Squirrelmail Version1.2.4
Squirrelmail ≫ Squirrelmail Version1.2.5
Squirrelmail ≫ Squirrelmail Version1.2.6
Squirrelmail ≫ Squirrelmail Version1.2.7
Squirrelmail ≫ Squirrelmail Version1.2.8
Squirrelmail ≫ Squirrelmail Version1.2.9
Squirrelmail ≫ Squirrelmail Version1.2.10
Squirrelmail ≫ Squirrelmail Version1.2.11
Squirrelmail ≫ Squirrelmail Version1.4
Squirrelmail ≫ Squirrelmail Version1.4.1
Squirrelmail ≫ Squirrelmail Version1.4.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 22.53% | 0.974 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858
http://www.debian.org/security/2004/dsa-535
http://marc.info/?l=bugtraq&m=108334862800260
http://rhn.redhat.com/errata/RHSA-2004-240.html
http://secunia.com/advisories/11531
http://secunia.com/advisories/11686
http://secunia.com/advisories/11870
http://secunia.com/advisories/12289
http://security.gentoo.org/glsa/glsa-200405-16.xml
http://www.novell.com/linux/security/advisories/2005_19_sr.html
http://www.securityfocus.com/advisories/6827
http://www.securityfocus.com/archive/1/361857
http://www.securityfocus.com/bid/10246
https://bugzilla.fedora.us/show_bug.cgi?id=1733
https://exchange.xforce.ibmcloud.com/vulnerabilities/16025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274