CVE-2006-0978

Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functionality in ArGoSoft Mail Server Pro 1.8.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the Subject header, (2) the From header, and (3) certain other unspecified headers.

Published: Mar 3, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-0978
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
argosoft / argosoft_mail_server	1.8.8.5	1.8.8.5.x

http://secunia.com/advisories/18991
http://secunia.com/secunia_research/2006-6/advisory/
http://securityreason.com/securityalert/504
http://www.osvdb.org/23512
http://www.securityfocus.com/archive/1/426206/100/0/threaded
http://www.securityfocus.com/bid/16834
http://www.vupen.com/english/advisories/2006/0751
https://exchange.xforce.ibmcloud.com/vulnerabilities/24945

Vulnerability Database

290,020

CVE-2006-0978