4.3
CVE-2006-3095
- EPSS 1.32%
- Veröffentlicht 19.06.2006 21:02:00
- Zuletzt bearbeitet 16.06.2026 22:26:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the RETURNURL parameter in (1) userlogin.cfm and (2) account.cfm.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ipostmx ≫ Ipostmx 2005 Version <= 2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.32% | 0.67 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2006/06/ipostmx-2005-vuln.html
http://secunia.com/advisories/20697
http://www.osvdb.org/26522
http://www.osvdb.org/26523
http://www.securityfocus.com/bid/18460
http://www.vupen.com/english/advisories/2006/2382
https://exchange.xforce.ibmcloud.com/vulnerabilities/27140