CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Icewarp: >> Merak Mail Server >> 8.9.1 Security Vulnerabilities

CVE-2007-5046

Cross-site scripting (XSS) vulnerability in the Webmail interface for IceWarp Merak Mail Server before 9.0.0 allows remote attackers to inject arbitrary JavaScript via a javascript: URI in an attribute of an element in an email message body, as demonstrated by the onload attribute in a BODY element.

CVSS Score

4.3

EPSS Score

0.004

Published

2007-09-24

Page 1

Vulnerabilities

Vulnerable Software

Icewarp: >> Merak Mail Server >> 8.9.1 Security Vulnerabilities

Products

Pricing

Contact Us