NVD

Id
71066  
Name
CVE-2004-0639  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2004-08-06  
Modified Date
2017-07-10  
Seq
2004-0639  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
366949 71066 CVE-2004-0639 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973  View
366950 71066 CVE-2004-0639 CLA-2004:858  View
366951 71066 CVE-2004-0639 20040530 RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability  View
366952 71066 CVE-2004-0639 DSA-535  View
366953 71066 CVE-2004-0639 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt  View
366954 71066 CVE-2004-0639 10450  View
366955 71066 CVE-2004-0639 squirrelmail-from-header-xss(16285)  View

Related JVN