Vulnerability Details CVE-2004-0337
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
- http://marc.info/?l=bugtraq&m=107799540630302&w=2
- http://www.securityfocus.com/bid/9777
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15351
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
- http://marc.info/?l=bugtraq&m=107799540630302&w=2
- http://www.securityfocus.com/bid/9777
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15351
Products affected by CVE-2004-0337
-
cpe:2.3:a:software602:602pro_lan_suite:2002
-
cpe:2.3:a:software602:602pro_lan_suite:2003