CVE Vulnerability

CVE-2008-7202

Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail before 2.53 (Stable) allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://archives.neohapsis.com/archives/apps/freshmeat/2008-01/0032.html Exploit
http://osvdb.org/40581
http://freshmeat.net/projects/openwebmail/releases/270453 Patch
Configurations

Configuration 1

cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.32:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.41:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.40:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.21:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.30:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:*:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.20:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.51:*:*:*:*:*:*:*
cpe:2.3:a:openwebmail.acatysmoof:openwebmail:2.50:*:*:*:*:*:*:*
Information

Published : 2009-09-10 10:30

Updated : 2009-09-11 04:00

NVD link : CVE-2008-7202

Mitre link : CVE-2008-7202

Products Affected
No products.
CWE
CWE-79