CVE-2005-1769
Published Jun 16, 2005
Last updated 7 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79E6734C-EE1C-40B6-9759-15298707A6F5"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD4071B2-3D4F-4755-98B1-E28CEB05EA8B"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0C44025-C79D-4791-8EF6-3E26786E194E"
}
],
"operator": "OR"
}
]
}
]