CVE

Id
55816  
CVE No.
CVE-2012-2573  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) an ONLOAD attribute of a BODY element, (5) a crafted SRC attribute of an IFRAME element, (6) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (7) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element.  
Phase
Assigned (20120509)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
580980 55816 CVE-2012-2573 EXPLOIT-DB:20364  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
28763 JVNDB-2012-004470 SmarterMail におけるクロスサイトスクリプティングの脆弱性 SmarterMail には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-2578 55816 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004470.html  View