CVE: CVE-2004-1100 - CVE-Search

CVE Details for CVE: CVE-2004-1100

Summary

Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.

Timestamps
Last major update	11-07-2017 - 01:30
Published	10-01-2005 - 05:00
Last modified	11-07-2017 - 01:30

References

http://www.securityfocus.com/bid/11596
http://www.kb.cert.org/vuls/id/107998
http://www.procheckup.com/security_info/vuln_pr0410.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/17953

Vulnerable Configurations

cpe:2.3:a:tips:mailpost:5.1.1sv:*:*:*:*:*:*:*
cpe:2.3:a:tips:mailpost:5.1.1sv:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

6.8

Impact

6.4

Exploitability

8.6

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	11596
cert-vn	VU#107998
misc	http://www.procheckup.com/security_info/vuln_pr0410.html
xf	mailpost-append-xss(17953)