CVE-2004-2585

2005-11-2823:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.008

Percentile

81.4%

JSON

Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the “check spelling” feature in the compose area.

References

members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt

secunia.com/advisories/11042

securitytracker.com/id?1009307

www.osvdb.org/4145

www.securityfocus.com/bid/9805

www.zone-h.org/advisories/read/id=4098

exchange.xforce.ibmcloud.com/vulnerabilities/15393