CVE-2004-2765
CVSS 4.3 - MEDIUM
Description
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
Affected Products
10| Vendor | Product | Version |
|---|---|---|
| sun | iplanet_messaging_server |
5.2
|
| sun | solaris |
2.6
|
| sun | solaris |
8.0
|
| sun | one_messaging_server |
6.1
|
| sun | solaris |
8.0
|
| sun | solaris |
9.0
|
| sun | one_messaging_server |
6.1
|
| sun | solaris |
9.0
|
| sun | one_messaging_server |
6.1
|
| redhat | enterprise_linux |
2.1
|
References
Weakness Types
CWE-79
CVE Information
- CVE ID:
CVE-2004-2765- Published:
- 2010-01-28
- Modified:
- 2026-04-29
- CVSS Score:
- 4.3
- Severity:
- MEDIUM
- Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Vendors
redhat
sun
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL