CVE-2005-0320

Published: Jan 28, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) note, (4) title, and (5) location fields to calendar.html.

Affected (1)

Products: Icewarp: Web Mail

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Icewarp Web Mail	Version 5.3

References (6)

http://marc.info/?l=bugtraq&m=110693950205007&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/12396

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19147

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110693950205007&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/12396

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19147

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.