Back to search
CVE-2006-5652
Published: Nov 3, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging Server Messenger Express allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated by setting the width style for an IMG element. NOTE: this issue might be related to CVE-2006-5486, however due to the vagueness of the initial advisory and different researchers, it has been assigned a new CVE.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
sun-messaging-expression-xss(29929)
vdb-entry
x_refsource_XF
20838
vdb-entry
x_refsource_BID
20061031 Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
mailing-list
x_refsource_FULLDISC
20061031 Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
mailing-list
x_refsource_BUGTRAQ
1806
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now