Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME type.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ilohamail | Ilohamail | 0.7.0 |
References
- http://secunia.com/advisories/14957Vendor Advisory
- http://secunia.com/advisories/19266
- http://securitytracker.com/id?1013701
- http://www.debian.org/security/2006/dsa-1010
- http://www.osvdb.org/15506
- http://www.securityfocus.com/bid/13175
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20095
- http://secunia.com/advisories/14957Vendor Advisory
- http://secunia.com/advisories/19266
- http://securitytracker.com/id?1013701
- http://www.debian.org/security/2006/dsa-1010
- http://www.osvdb.org/15506
- http://www.securityfocus.com/bid/13175
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20095
FAQ
What is CVE-2005-1120?
CVE-2005-1120 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME typ...
How severe is CVE-2005-1120?
CVE-2005-1120 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1120?
Check the references section above for vendor advisories and patch information. Affected products include: Ilohamail Ilohamail.