Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0323

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-0323
Last Modified 02 Jul 2012 12:00:00
Published 09 Mar 2012 06:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0323

Summary

Cross-site scripting (XSS) vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Paul Lesniewsk Autocomplete 1.0

  • Paul Lesniewsk Autocomplete 1.1

  • Paul Lesniewsk Autocomplete 1.2

  • Paul Lesniewsk Autocomplete 1.3

  • Paul Lesniewsk Autocomplete 2.0

  • Paul Lesniewsk Autocomplete 2.1


References

MISC - http://squirrelmail.org/plugin_view.php?id=32

JVNDB - JVNDB-2012-000021

JVN - JVN#56653852


Last Updated: 27 May 2016 10:58:20