CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3233

Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released before 06/18/2006, allows remote attackers to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the "to" and "from" fields, although CVE analysis shows that these are associated with the previous version, a different executable, and a different CVE.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.1%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2006-3233

Open Webmail » Open Webmail » Version: Any

cpe:2.3:a:open_webmail:open_webmail:*
Open Webmail » Open Webmail » Version: 1.7

cpe:2.3:a:open_webmail:open_webmail:1.7
Open Webmail » Open Webmail » Version: 1.71

cpe:2.3:a:open_webmail:open_webmail:1.71
Open Webmail » Open Webmail » Version: 1.8

cpe:2.3:a:open_webmail:open_webmail:1.8
Open Webmail » Open Webmail » Version: 1.81

cpe:2.3:a:open_webmail:open_webmail:1.81
Open Webmail » Open Webmail » Version: 1.90

cpe:2.3:a:open_webmail:open_webmail:1.90
Open Webmail » Open Webmail » Version: 2.20

cpe:2.3:a:open_webmail:open_webmail:2.20
Open Webmail » Open Webmail » Version: 2.21

cpe:2.3:a:open_webmail:open_webmail:2.21
Open Webmail » Open Webmail » Version: 2.30

cpe:2.3:a:open_webmail:open_webmail:2.30
Open Webmail » Open Webmail » Version: 2.31

cpe:2.3:a:open_webmail:open_webmail:2.31
Open Webmail » Open Webmail » Version: 2.32

cpe:2.3:a:open_webmail:open_webmail:2.32
Open Webmail » Open Webmail » Version: 2.41

cpe:2.3:a:open_webmail:open_webmail:2.41
Open Webmail » Open Webmail » Version: 2.5

cpe:2.3:a:open_webmail:open_webmail:2.5
Open Webmail » Open Webmail » Version: 2.51

cpe:2.3:a:open_webmail:open_webmail:2.51

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3233

Products

Pricing

Contact Us