CVE-2005-0445

Published: May 2, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.

Affected (10)

Products: Open Webmail: Open Webmail

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Open Webmail Open Webmail	Version 2.00
Open Webmail Open Webmail	Version 2.01
Open Webmail Open Webmail	Version 2.10
Open Webmail Open Webmail	Version 2.20
Open Webmail Open Webmail	Version 2.21
Open Webmail Open Webmail	Version 2.30
Open Webmail Open Webmail	Version 2.32
Open Webmail Open Webmail	Version 2.40
Open Webmail Open Webmail	Version 2.41
Open Webmail Open Webmail	Version 2.50

References (12)

http://secunia.com/advisories/14253

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1013172

Source: cve@mitre.org

http://turtle.ee.ncku.edu.tw/openwebmail/doc/changes.txt

Source: cve@mitre.org

http://turtle.ee.ncku.edu.tw/openwebmail/download/cert/patches/SA-05:01/2.5x.patch

Source: cve@mitre.org

http://www.securityfocus.com/bid/12547

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/19335

Source: cve@mitre.org

http://secunia.com/advisories/14253

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://securitytracker.com/id?1013172

Source: af854a3a-2127-422b-91ae-364da2661108

http://turtle.ee.ncku.edu.tw/openwebmail/doc/changes.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://turtle.ee.ncku.edu.tw/openwebmail/download/cert/patches/SA-05:01/2.5x.patch

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/12547

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/19335

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.