Vulnerability Details CVE-2007-2061
Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.073
EPSS Ranking 91.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/34974
- http://secunia.com/advisories/24882
- http://securityreason.com/securityalert/2572
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls44
- http://www.securityfocus.com/archive/1/465611/100/0/threaded
- http://www.securityfocus.com/bid/23481
- http://www.vupen.com/english/advisories/2007/1416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33645
- http://osvdb.org/34974
- http://secunia.com/advisories/24882
- http://securityreason.com/securityalert/2572
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls44
- http://www.securityfocus.com/archive/1/465611/100/0/threaded
- http://www.securityfocus.com/bid/23481
- http://www.vupen.com/english/advisories/2007/1416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33645
Products affected by CVE-2007-2061
-
cpe:2.3:a:afterlogic:mailbee_webmail:3.4