4.3

CVE-2004-1719

Exploit

EPSS 0.82%
Veröffentlicht 17.08.2004 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Merak ≫ Mail Server Version7.4.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.82%	0.733

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://marc.info/?l=bugtraq&m=109279057326044&w=2

http://packetstormsecurity.nl/0408-exploits/merak527.txt

Patch

Vendor Advisory

Exploit

http://secunia.com/advisories/12269

Patch

Vendor Advisory

Exploit

http://securitytracker.com/id?1010969

http://www.osvdb.org/9037

Patch

Vendor Advisory

http://www.osvdb.org/9038

Patch

Vendor Advisory

http://www.osvdb.org/9039

Patch

Vendor Advisory

http://www.osvdb.org/9040

Patch

Vendor Advisory

http://www.osvdb.org/9041

Patch

Vendor Advisory

http://www.osvdb.org/9042

Patch

Vendor Advisory

http://www.securityfocus.com/bid/10966

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/17024

https://nvd.nist.gov/vuln/detail/CVE-2004-1719

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1719

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1719

EUVD