CVE-2003-0160

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2003-0160
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.

5.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988 Patch
http://www.redhat.com/support/errata/RHSA-2003-112.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A614
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
Information

Published : 2003-04-01 21:00

Updated : 2017-10-10 18:29

NVD link : CVE-2003-0160

Mitre link : CVE-2003-0160

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

squirrelmail

  • squirrelmail