4.3
CVE-2005-3128
- EPSS 3.44%
- Veröffentlicht 04.10.2005 22:02:00
- Zuletzt bearbeitet 16.06.2026 22:16:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squirrelmail ≫ Address Add Plugin Version1.9
Squirrelmail ≫ Address Add Plugin Version2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.44% | 0.874 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
http://marc.info/?l=bugtraq&m=112801672520766&w=2
http://moritz-naumann.com/adv/0002/sqmadd/0002.txt
http://secunia.com/advisories/16987/
http://securitytracker.com/id?1014988
http://squirrelmail.org/plugin_view.php?id=101
http://www.mandriva.com/security/advisories?name=MDKSA-2005:178
http://www.securityfocus.com/bid/14973
https://exchange.xforce.ibmcloud.com/vulnerabilities/22453