- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 26200
- Проверка EDB
-
- Пройдено
- Автор
- JAKOB BALLE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2005-2769
- Дата публикации
- 2005-08-29
Код:
source: https://www.securityfocus.com/bid/14676/info
SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser.
This may allow for various attacks including session hijacking due to the theft of user credentials.
SqWebMail 5.0.4 is reportedly vulnerable to this issue. It is possible that other versions are affected as well.
<img src="cid:>" onError="alert(document.domain);">- Источник
- www.exploit-db.com
