CVE-2005-2769
EPSS 11.0%courier - missing input sanitising
發布日:2005/9/2修改日:2026/4/28
也稱為:DEBIAN-CVE-2005-2769
描述
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
受影響套件(2)
- Debian/courierfrom 0, < 0.47-9
- Debian/courierfrom 0, < 0.37.3-2.7