Vulnerabilities > CVE-2005-0846 - Cross-Site Scripting vulnerability in Netwin Surgemail 2.2G3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | SMTP problems |
NASL id | NETWIN_SURGEMAIL_UNSPECIFIED_VULNS.NASL |
description | The remote host is running NetWin SurgeMail, a mail server application. The remote version of this software is affected by multiple unspecified vulnerabilities that have been disclosed by the vendor. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 17594 |
published | 2005-03-22 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/17594 |
title | NetWin SurgeMail Multiple Remote Unspecified Vulnerabilities |
code |
|