CVE-2005-3352
published 2005-12-13CVE-2005-3352: Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote…
medium4.3CVSS 3.1
AVNACMAuNCNIPAN
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | < 1.3.35 | 1.3.35 |
| apache | http_server | — | — |
| apache | http_server | >= 2.0 < 2.0.56 | 2.0.56 |
| debian | apache2 | < apache2 2.0.55-4 (bookworm) | apache2 2.0.55-4 (bookworm) |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM