CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-0903

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/files/view/108715/VL-378.txt
http://seclists.org/fulldisclosure/2012/Jan/244
http://www.securityfocus.com/bid/51436
http://www.vulnerability-lab.com/get_content.php?id=378
https://exchange.xforce.ibmcloud.com/vulnerabilities/72405
http://packetstormsecurity.org/files/view/108715/VL-378.txt
http://seclists.org/fulldisclosure/2012/Jan/244
http://www.securityfocus.com/bid/51436
http://www.vulnerability-lab.com/get_content.php?id=378
https://exchange.xforce.ibmcloud.com/vulnerabilities/72405

Products affected by CVE-2012-0903

Vmware » Zimbra Desktop » Version: 7.1.2

cpe:2.3:a:vmware:zimbra_desktop:7.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0903

Products

Pricing

Contact Us