CVE-2005-3428 Information

Description

Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html http://marc.info/?l=bugtraq&m=113053680631151&w=2 http://secunia.com/advisories/17240/ http://securitytracker.com/id?1015117 http://www.osvdb.org/20488 http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/22907 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1052