CVE-2005-3128

Published: Oct 4, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.

Affected (2)

Products: Squirrelmail: Address Add Plugin

Squirrelmail

1 product

Address Add Plugin

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Squirrelmail Address Add Plugin	Version 1.9
Squirrelmail Address Add Plugin	Version 2.0

References (26)

http://docs.info.apple.com/article.html?artnum=306172

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=112801672520766&w=2

Source: cve@mitre.org

http://moritz-naumann.com/adv/0002/sqmadd/0002.txt

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://secunia.com/advisories/16987/

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/26235

Source: cve@mitre.org

http://securitytracker.com/id?1014988

Source: cve@mitre.org

http://squirrelmail.org/plugin_view.php?id=101

Source: cve@mitre.org

Patch

http://www.mandriva.com/security/advisories?name=MDKSA-2005:178

Source: cve@mitre.org

http://www.securityfocus.com/bid/14973

Source: cve@mitre.org

http://www.securityfocus.com/bid/25159

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2732

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/22453

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=306172