CVE-2007-2718

medium

Description

Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34266

http://www.vupen.com/english/advisories/2007/1795

http://www.securitytracker.com/id?1018048

http://www.securityfocus.com/bid/23950

http://www.scanit.be/advisory-2007-05-12.html

http://www.communigate.com/CommuniGatePro/History51.html

http://secunia.com/advisories/25250

http://osvdb.org/36017

http://marc.info/?l=full-disclosure&m=117900749209206&w=2

Details

Source: Mitre, NVD

Published: 2007-05-16

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N