CVE-2005-0445

Published May 2, 2005

Last updated 7 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53783E69-4E5E-4AAD-A280-338E131478C5"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F32A212-11C1-432A-9ECD-844CD4EC3EF7"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30D334D8-D50F-45DA-9267-F2A4722BF4A9"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCEC7B40-834B-4476-8A0D-FDEA86C436D0"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "467BEC56-9C42-4180-B422-F0099AF77B21"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FCF6241-3F7C-4867-8D2E-CCA1BEFCA9D8"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3A87C77-5F6E-497D-A6A0-7D68D5E27E33"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "162770C7-AF47-437C-A0D7-9F92D86DC951"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C718757-E831-4C17-A9E6-BB31A20AC8EC"
          },
          {
            "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDE131E5-B180-4751-B81B-459CA0207DED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References