CVE-2005-2595
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/08/2005
Last modified:
03/04/2025
Description
Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:dada_mail:dada_mail:2.8.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.11:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.12_beta:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.13:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.13_alpha1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.13_alpha2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.14_alpha1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.14_beta1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.14_rc1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.14_rc2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.15:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.15_alpha1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.15_beta1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dada_mail:dada_mail:2.8.15_rc1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page