SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection
| EKU-ID: 31527 | CVE: CVE-2005-2769;OSVDB-19047 | OSVDB-ID: |
| Author: Jakob Balle | Published: 2005-08-29 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31527 | CVE: CVE-2005-2769;OSVDB-19047 | OSVDB-ID: |
| Author: Jakob Balle | Published: 2005-08-29 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14676/info SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser. This may allow for various attacks including session hijacking due to the theft of user credentials. SqWebMail 5.0.4 is reportedly vulnerable to this issue. It is possible that other versions are affected as well. <img src="cid:>" onError="alert(document.domain);">