CVE-2007-1927
published 2007-04-10CVE-2007-1927: Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.22%
64.8th percentile
Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| youngzsoft | cmailserver | <= 5.3.4 | — |
| youngzsoft | cmailserver | <= 5.4.3 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q866-9m3h-92xr: Cross-site scripting (XSS) vulnerability in mail/signup
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2007-1991 [MEDIUM] GHSA-q866-9m3h-92xr: Cross-site scripting (XSS) vulnerability in mail/signup
Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927.
GHSA
GHSA-xr7h-q8xq-c8ww: Cross-site scripting (XSS) vulnerability in signup
ghsa_unreviewed·2022-05-01
CVE-2007-1927 [MEDIUM] GHSA-xr7h-q8xq-c8ww: Cross-site scripting (XSS) vulnerability in signup
Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/34119http://secunia.com/advisories/24812http://securityreason.com/securityalert/2529http://www.securityfocus.com/archive/1/464966/100/0/threadedhttp://www.securityfocus.com/bid/23360https://exchange.xforce.ibmcloud.com/vulnerabilities/33501http://osvdb.org/34119http://secunia.com/advisories/24812http://securityreason.com/securityalert/2529http://www.securityfocus.com/archive/1/464966/100/0/threadedhttp://www.securityfocus.com/bid/23360https://exchange.xforce.ibmcloud.com/vulnerabilities/33501
2007-04-10
Published