CVE-2008-5769

Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer before 6.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) folder parameter to mailCompose.php or the (2) daytime parameter to calendarEdit.php.  NOTE: some of these details are obtained from third party information.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
keriokerio_mailserver
𝑥
≤ 6.6.1
keriokerio_mailserver
5.0
keriokerio_mailserver
5.1
keriokerio_mailserver
5.1.1
keriokerio_mailserver
5.6.3
keriokerio_mailserver
5.6.4
keriokerio_mailserver
5.6.5
keriokerio_mailserver
5.7.0
keriokerio_mailserver
5.7.1
keriokerio_mailserver
5.7.2
keriokerio_mailserver
5.7.3
keriokerio_mailserver
5.7.4
keriokerio_mailserver
5.7.5
keriokerio_mailserver
5.7.6
keriokerio_mailserver
5.7.7
keriokerio_mailserver
5.7.8
keriokerio_mailserver
5.7.9
keriokerio_mailserver
5.7.10
keriokerio_mailserver
6.0
keriokerio_mailserver
6.0.0
keriokerio_mailserver
6.0.1
keriokerio_mailserver
6.0.2
keriokerio_mailserver
6.0.3
keriokerio_mailserver
6.0.4
keriokerio_mailserver
6.0.5
keriokerio_mailserver
6.0.6
keriokerio_mailserver
6.0.7
keriokerio_mailserver
6.0.8
keriokerio_mailserver
6.0.9
keriokerio_mailserver
6.0.10
keriokerio_mailserver
6.1.1
keriokerio_mailserver
6.1.2
keriokerio_mailserver
6.1.3
keriokerio_mailserver
6.1.3_patch_1:_patch_1
keriokerio_mailserver
6.1.4
keriokerio_mailserver
6.2.0
keriokerio_mailserver
6.2.1
keriokerio_mailserver
6.2.2
keriokerio_mailserver
6.3.0
keriokerio_mailserver
6.3.1
keriokerio_mailserver
6.3.1_p1:_p1
keriokerio_mailserver
6.3.1_p2:_p2
keriokerio_mailserver
6.4.0
keriokerio_mailserver
6.4.1
keriokerio_mailserver
6.4.2
keriokerio_mailserver
6.5.0
keriokerio_mailserver
6.5.0:patch_1
keriokerio_mailserver
6.5.1
keriokerio_mailserver
6.5.2
keriokerio_mailserver
6.6.0
keriokerio_mailserver
6.6.0:patch_1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32955
http://www.kerio.com/kms_history.html
http://www.kerio.com/security_advisory.html
http://www.securityfocus.com/bid/32863
http://www.vupen.com/english/advisories/2008/3442
https://exchange.xforce.ibmcloud.com/vulnerabilities/47397
http://secunia.com/advisories/32955
http://www.kerio.com/kms_history.html
http://www.kerio.com/security_advisory.html
http://www.securityfocus.com/bid/32863
http://www.vupen.com/english/advisories/2008/3442
https://exchange.xforce.ibmcloud.com/vulnerabilities/47397