4.3

CVE-2004-1719

Exploit

EPSS 0.82%
Published 17.08.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Merak ≫ Mail Server Version7.4.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.82%	0.733

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://marc.info/?l=bugtraq&m=109279057326044&w=2

http://packetstormsecurity.nl/0408-exploits/merak527.txt

Patch

Vendor Advisory

Exploit

http://secunia.com/advisories/12269

Patch

Vendor Advisory

Exploit

http://securitytracker.com/id?1010969

http://www.osvdb.org/9037

Patch

Vendor Advisory

http://www.osvdb.org/9038

Patch

Vendor Advisory

http://www.osvdb.org/9039

Patch

Vendor Advisory

http://www.osvdb.org/9040

Patch

Vendor Advisory

http://www.osvdb.org/9041

Patch

Vendor Advisory

http://www.osvdb.org/9042

Patch

Vendor Advisory

http://www.securityfocus.com/bid/10966

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/17024

https://nvd.nist.gov/vuln/detail/CVE-2004-1719

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1719

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1719

EUVD