CVE-2006-3233
Last modified
CVE-2006-3233 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released before 06/18/2006, allows remote attackers to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the "to" and "from" fields, although CVE analysis shows that these are associated with the previous version, a different executable, and a different CVE.. EPSS estimates a 1.32% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released before 06/18/2006, allows remote attackers to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the "to" and "from" fields, although CVE analysis shows that these are associated with the previous version, a different executable, and a different CVE.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Open Webmail | Open Webmail | <= 2.52 |
| Open Webmail | Open Webmail | 1.7 |
| Open Webmail | Open Webmail | 1.8 |
| Open Webmail | Open Webmail | 1.71 |
| Open Webmail | Open Webmail | 1.81 |
| Open Webmail | Open Webmail | 1.90 |
| Open Webmail | Open Webmail | 2.5 |
| Open Webmail | Open Webmail | 2.20 |
| Open Webmail | Open Webmail | 2.21 |
| Open Webmail | Open Webmail | 2.30 |
| Open Webmail | Open Webmail | 2.31 |
| Open Webmail | Open Webmail | 2.32 |
| Open Webmail | Open Webmail | 2.41 |
| Open Webmail | Open Webmail | 2.51 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-3233?
How severe is CVE-2006-3233?
How do I fix CVE-2006-3233?
Are you affected by CVE-2006-3233?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST