CVE-2006-3229
Last modified
CVE-2006-3229 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to "openwebmailerror calls that need to display HTML.". EPSS estimates a 1.16% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to "openwebmailerror calls that need to display HTML."
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Open Webmail | Open Webmail | <= 2.52 |
| Open Webmail | Open Webmail | 1.7 |
| Open Webmail | Open Webmail | 1.8 |
| Open Webmail | Open Webmail | 1.71 |
| Open Webmail | Open Webmail | 1.81 |
| Open Webmail | Open Webmail | 1.90 |
| Open Webmail | Open Webmail | 2.5 |
| Open Webmail | Open Webmail | 2.20 |
| Open Webmail | Open Webmail | 2.21 |
| Open Webmail | Open Webmail | 2.30 |
| Open Webmail | Open Webmail | 2.31 |
| Open Webmail | Open Webmail | 2.32 |
| Open Webmail | Open Webmail | 2.41 |
| Open Webmail | Open Webmail | 2.51 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-3229?
How severe is CVE-2006-3229?
How do I fix CVE-2006-3229?
Are you affected by CVE-2006-3229?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST