CVE-2005-3128 Information
Description
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.
Reference
http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://marc.info/?l=bugtraq&m=112801672520766&w=2 http://moritz-naumann.com/adv/0002/sqmadd/0002.txt http://secunia.com/advisories/16987/ http://secunia.com/advisories/26235 http://securitytracker.com/id?1014988 http://squirrelmail.org/plugin_view.php?id=101 http://www.mandriva.com/security/advisories?name=MDKSA-2005:178 http://www.securityfocus.com/bid/14973 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/22453
Share on: