PT-2004-2097 · Cmailserver · Cmailserver

Published

2004-12-05

Updated

2017-07-11

CVE-2004-1130

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: CMailServer version 5.2

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to execute arbitrary web script or HTML via personal information fields, such as username, name, or comments.

Recommendations: For CMailServer version 5.2, update the software to a version that fixes this issue, ensuring that input validation and sanitization are properly implemented for personal information fields, such as username, name, and comments, to prevent XSS attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1130

Affected Products

Cmailserver

PT-2004-2097 · Cmailserver · Cmailserver

CVE-2004-1130

Related Identifiers

Affected Products

References · 5