CVE-2005-2820

Publication date 7 September 2005

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer “Conditional Comments” such as ”[if]” and ”[endif]”.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
courier 7.04 feisty
Fixed 0.53.2-3ubuntu1
6.10 edgy
Fixed 0.53.2-3ubuntu1
6.06 LTS dapper
Fixed 0.47-13ubuntu5.1

References

Related Ubuntu Security Notices (USN)

    • USN-201-1
    • SqWebmail vulnerabilities
    • 12 October 2005

Other references