CVE-2006-5712

Published Nov 4, 2006

Last updated 4 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mirapoint:mirapoint_webmail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F356C092-B4CE-4702-937D-43DEA6C0CDE6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2006-5712
http://marc.info/?l=full-disclosure&m=116232831525086&w=2
http://osvdb.org/33820
http://securitytracker.com/id?1017146
http://www.securityfocus.com/bid/20840
https://exchange.xforce.ibmcloud.com/vulnerabilities/29928
http://marc.info/?l=full-disclosure&m=116232831525086&w=2
http://osvdb.org/33820
http://securitytracker.com/id?1017146
http://www.securityfocus.com/bid/20840
https://exchange.xforce.ibmcloud.com/vulnerabilities/29928

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References