CVE-2005-3352 — Cross-site Scripting in Apache Http Server

CWE-79 — Cross-site Scripting13 documents8 sources

Severity

4.3MEDIUMNVD

EPSS

25.6%

top 3.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Http Server

Timeline

PublishedDec 13

Latest updateMay 3

Description

Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDapache/http_server2.0 — 2.0.56+2

Patches

Patch: securitytracker.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-3h5q-3j8q-4rm9: Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1↗2022-05-03

▶

OSV

CVE-2005-3352: Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1↗2005-12-13

▶

CVEList

CVE-2005-3352: Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1↗2005-12-13

▶

📋Vendor Advisories

Ubuntu

Apache vulnerabilities↗2006-01-13

▶

Red Hat

httpd cross-site scripting flaw in mod_imap↗2005-12-12

▶

Debian

CVE-2005-3352: apache2 - Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd ...↗2005

▶

💬Community

Bugzilla

CVE-2005-3352 httpd cross-site scripting flaw in mod_imap↗2008-01-28

▶

Bugzilla

CVE-2005-3352, CVE-2006-3918 apache security issues↗2006-09-25

▶

Bugzilla

CVE-2005-3352 mod_imagemap XSS in FC5test2↗2006-01-16

▶

Bugzilla

CVE-2005-3352 cross-site scripting flaw in mod_imap↗2005-12-14

▶

Bugzilla

CVE-2005-3352 cross-site scripting flaw in mod_imap↗2005-12-13

▶