CVE-2007-2718 - Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and

CVE-2007-2718

Summary

Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:stalker:communigate_pro:*:*:*:*:*:*:*:*
cpe:2.3:a:stalker:communigate_pro:*:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 23-07-2021 - 15:12)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

bid	23950
fulldisc	20070512 CommuniGate Pro web mail persistent cross-site scripting vulnerability
misc	http://www.communigate.com/CommuniGatePro/History51.html http://www.scanit.be/advisory-2007-05-12.html
osvdb	36017
sectrack	1018048
secunia	25250
vupen	ADV-2007-1795
xf	communigate-mail-xss(34266)

Last major update

23-07-2021 - 15:12

Published

16-05-2007 - 19:28

Last modified

23-07-2021 - 15:12