CVE-2006-0091

Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inline HTML" enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline.
Configurations

Configuration 1 (hide)

cpe:2.3:a:open-xchange:open-xchange:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:05

Type Values Removed Values Added
References () http://marc.info/?l=full-disclosure&m=113629092325679&w=2 - () http://marc.info/?l=full-disclosure&m=113629092325679&w=2 -
References () http://secunia.com/advisories/18285 - Vendor Advisory () http://secunia.com/advisories/18285 - Vendor Advisory
References () http://securitytracker.com/id?1015431 - () http://securitytracker.com/id?1015431 -
References () http://www.vupen.com/english/advisories/2006/0034 - () http://www.vupen.com/english/advisories/2006/0034 -

Information

Published : 2006-01-05 11:03

Updated : 2024-11-21 00:05


NVD link : CVE-2006-0091

Mitre link : CVE-2006-0091

CVE.ORG link : CVE-2006-0091


JSON object : View

Products Affected

open-xchange

  • open-xchange