ID |
CVE-2004-1100
|
Summary |
Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter. Successful exploitation requires that debug mode is enabled. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.8 (as of 11-07-2017 - 01:30) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
11-07-2017 - 01:30 |
Published |
10-01-2005 - 05:00 |
Last modified |
11-07-2017 - 01:30 |