Published: 07/08/2003 Updated: 11/07/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 520

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote malicious users to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kerio kerio mailserver 5.6.3

source: wwwsecurityfocuscom/bid/7966/info Reportedly, Kerio Mailserver is vulnerable to a cross site-scripting attack The vulnerability is present in the add_acl module of the Kerio Mailserver web mail component An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link It should be noted that alt ...

source: wwwsecurityfocuscom/bid/7968/info Reportedly, Kerio Mailserver is vulnerable to a cross site-scripting attack The vulnerability is present in the do_map module of the Kerio Mailserver web mail component An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing malicious HTML code ...

NVD-CWE-Other http://nautopia.org/vulnerabilidades/kerio_mailserver.htm http://www.securityfocus.com/bid/7966 http://www.securityfocus.com/bid/7968 http://marc.info/?l=bugtraq&m=105596982503760&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/12367 https://nvd.nist.gov https://www.exploit-db.com/exploits/22799/

CVE-2003-0488

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect