CVE

CVE-2007-2718

Date: (C)2007-05-16   (M)2023-12-22

Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE

Reference:

SECTRACK-1018048

http://marc.info/?l=full-disclosure&m=117900749209206&w=2

BID-23950

SECUNIA-25250

OSVDB-36017

ADV-2007-1795

communigate-mail-xss(34266)

http://www.communigate.com/CommuniGatePro/History51.html

http://www.scanit.be/advisory-2007-05-12.html