CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3428

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1550%
EPSS Percentile12.03th
PublishedNov 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body.

Affected Platforms (CPE)

πŸ“¦
Rockliffe

Mailsite Express

<= 6.1.21

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html
πŸ”— http://marc.info/?l=bugtraq&m=113053680631151&w=2
πŸ”— http://secunia.com/advisories/17240/
πŸ”— http://securitytracker.com/id?1015117
πŸ”— http://www.osvdb.org/20488
πŸ”— http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/22907
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1052

Related Vulnerabilities

CVE-2005-34307.5

Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbit...

CVE-2005-32875.0

Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachment...

CVE-2005-32885.0

Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file ...

CVE-2005-34315.0

Absolute path traversal vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to read arbitrary files ...