CVE-2005-2724

EPSS 0.80%

courier - missing input sanitising

發布日:2005/8/30修改日:2026/4/28

也稱為:DEBIAN-CVE-2005-2724

描述

Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer.

受影響套件(2)

Debian/courierfrom 0, < 0.47-8
Debian/courierfrom 0, < 0.37.3-2.6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2724