4.3

CVE-2005-3128

Exploit
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.44% 0.874
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
http://marc.info/?l=bugtraq&m=112801672520766&w=2
http://moritz-naumann.com/adv/0002/sqmadd/0002.txt
Patch
Vendor Advisory
Exploit
http://secunia.com/advisories/16987/
Patch
Vendor Advisory
http://securitytracker.com/id?1014988
http://squirrelmail.org/plugin_view.php?id=101
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2005:178
http://www.securityfocus.com/bid/14973
https://exchange.xforce.ibmcloud.com/vulnerabilities/22453