CVE-2010-3201

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
netwinsurgemail
𝑥
≤ 4.2d4-4
netwinsurgemail
1.0c:c
netwinsurgemail
1.0d:d
netwinsurgemail
1.1a:a
netwinsurgemail
1.1b:b
netwinsurgemail
1.1c:c
netwinsurgemail
1.1d:d
netwinsurgemail
1.2a:a
netwinsurgemail
1.2b:b
netwinsurgemail
1.2c:c
netwinsurgemail
1.3a:a
netwinsurgemail
1.3a_rc1:a_rc1
netwinsurgemail
1.3b:b
netwinsurgemail
1.3c:c
netwinsurgemail
1.3d:d
netwinsurgemail
1.3e:e
netwinsurgemail
1.3f:f
netwinsurgemail
1.3g:g
netwinsurgemail
1.3h:h
netwinsurgemail
1.3i:i
netwinsurgemail
1.3j:j
netwinsurgemail
1.3k:k
netwinsurgemail
1.3l:l
netwinsurgemail
1.4a:a
netwinsurgemail
1.4b:b
netwinsurgemail
1.4c:c
netwinsurgemail
1.5a:a
netwinsurgemail
1.5b:b
netwinsurgemail
1.5c:c
netwinsurgemail
1.5d:d
netwinsurgemail
1.5d2:d2
netwinsurgemail
1.5f:f
netwinsurgemail
1.6a:a
netwinsurgemail
1.6b:b
netwinsurgemail
1.6d:d
netwinsurgemail
1.6e:e
netwinsurgemail
1.6e2:e2
netwinsurgemail
1.7a:a
netwinsurgemail
1.7b3:b3
netwinsurgemail
1.8a:a
netwinsurgemail
1.8b3:b3
netwinsurgemail
1.8d:d
netwinsurgemail
1.8e:e
netwinsurgemail
1.8f:f
netwinsurgemail
1.8g3:g3
netwinsurgemail
1.9
netwinsurgemail
1.9b2:b2
netwinsurgemail
2.0a2:a2
netwinsurgemail
2.0c:c
netwinsurgemail
2.0e:e
netwinsurgemail
2.0g2:g2
netwinsurgemail
2.1a:a
netwinsurgemail
2.1c7:c7
netwinsurgemail
2.2a6:a6
netwinsurgemail
2.2c9:c9
netwinsurgemail
2.2c10:c10
netwinsurgemail
2.2g2:g2
netwinsurgemail
2.2g3:g3
netwinsurgemail
3.0a:a
netwinsurgemail
3.0c2:c2
netwinsurgemail
3.1s:s
netwinsurgemail
3.2e:e
netwinsurgemail
3.5a:a
netwinsurgemail
3.5b3:b3
netwinsurgemail
3.6d:d
netwinsurgemail
3.6f3:f3
netwinsurgemail
3.6f5:f5
netwinsurgemail
3.6f7:f7
netwinsurgemail
3.7b:b
netwinsurgemail
3.7b3:b3
netwinsurgemail
3.7b5:b5
netwinsurgemail
3.7b6:b6
netwinsurgemail
3.7b7:b7
netwinsurgemail
3.7b8:b8
netwinsurgemail
3.8a:a
netwinsurgemail
3.8b:b
netwinsurgemail
3.8d:d
netwinsurgemail
3.8f:f
netwinsurgemail
3.8f2:f2
netwinsurgemail
3.8f3:f3
netwinsurgemail
3.8i:i
netwinsurgemail
3.8i2:i2
netwinsurgemail
3.8i3:i3
netwinsurgemail
3.8k:k
netwinsurgemail
3.8k2:k2
netwinsurgemail
3.8k3:k3
netwinsurgemail
3.8k4:k4
netwinsurgemail
3.8m:m
netwinsurgemail
3.8o:o
netwinsurgemail
3.8q:q
netwinsurgemail
3.8s:s
netwinsurgemail
3.8u:u
netwinsurgemail
3.9a:a
netwinsurgemail
3.9c:c
netwinsurgemail
3.9e:e
netwinsurgemail
3.9g:g
netwinsurgemail
3.9g2:g2
netwinsurgemail
4.0a:a
netwinsurgemail
4.0k:k
netwinsurgemail
4.0u3:u3
netwinsurgemail
4.0u4:u4
netwinsurgemail
4.0v-8:v
netwinsurgemail
4.2a2-2:a2
netwinsurgemail
4.2a2-3:a2
netwinsurgemail
4.2a3-3:a3
netwinsurgemail
4.2d-1:d
netwinsurgemail
4.2d2-2:d2
netwinsurgemail
4.2d3-3:d3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ictsec.se/?p=108
http://secunia.com/advisories/41685
http://www.securityfocus.com/archive/1/514115/100/0/threaded
http://www.securityfocus.com/bid/43679
https://www.exploit-db.com/exploits/34797/
http://ictsec.se/?p=108
http://secunia.com/advisories/41685
http://www.securityfocus.com/archive/1/514115/100/0/threaded
http://www.securityfocus.com/bid/43679
https://www.exploit-db.com/exploits/34797/