CVE-2006-3522: XSS
First published: Wed Jul 12 2006(Updated: )
Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in an error message when trying to access a blocked web site.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Clearswift MIMEsweeper for Web | <=5.1.14 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm
- http://secunia.com/advisories/20998
- http://securitytracker.com/id?1016454
- http://www.securityfocus.com/bid/18916
- http://www.vupen.com/english/advisories/2006/2731
- http://marc.info/?l=full-disclosure&m=115253898206225&w=2
- http://marc.info/?l=full-disclosure&m=115253320721404&w=2
- http://marc.info/?l=full-disclosure&m=115249298204354&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27642
- http://www.securityfocus.com/archive/1/440140/100/0/threaded
- http://www.securityfocus.com/archive/1/439641/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/clearswift
- canonical/clearswift mimesweeper for web
- version/clearswift mimesweeper for web/5.1.14