HomeOpen WebmailCVE-2004-0520

CVE-2004-0520

UNKNOWN
6.8CVSS
Published: 2004-08-18
Updated: 2025-04-03
AI Analysis

Description

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

CVSS Metrics

Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
medium
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
NVD-CWE-Other

Metadata

Primary Vendor
OPEN_WEBMAIL
Published
8/18/2004
Last Modified
4/3/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

open_webmail : open_webmailopen_webmail : open_webmailopen_webmail : open_webmailsgi : propacksquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmailsquirrelmail : squirrelmail

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2004-0520 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com