CVE-2004-1100

Properties

Published:
09.01.2005
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N) Approximated
Product:
TIPS: MailPost

Vulnerability description

Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.

References:

Security Focus: http://www.securityfocus.com/bid/11596
ISS X-Force: http://xforce.iss.net/xforce/xfdb/17953
CERT: http://www.kb.cert.org/vuls/id/107998
MISC: http://www.procheckup.com/security_info/vuln_pr0410.html