SqWebMail redirect Parameter CRLF Injected XSS

Medium | Nessus Plugin ID 18372

Synopsis

The remote web server contains a CGI script that is affected by a cross-site scripting flaw.

Description

The remote host is running a version of SqWebMail that does not properly sanitize user-supplied input through the 'redirect' parameter. An attacker can exploit this flaw to inject arbitrary HTML and script code into a user's browser to be executed within the context of the affected website. Such attacks could lead to session cookie and password theft for users who read mail with SqWebMail.

Solution

Unknown at this time.

See Also

https://seclists.org/bugtraq/2005/Apr/441

Plugin Details

Severity: Medium

ID: 18372

File Name: sqwebmail_http_splitting.nasl

Version: 1.22

Type: remote

Published: 5/26/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:inter7:sqwebmail

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 4/25/2005

Reference Information

CVE: CVE-2005-1308

BID: 13374

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990