Unrated severityNVD Advisory· Published Aug 17, 2004· Updated Apr 16, 2026
CVE-2004-1719
CVE-2004-1719
Description
Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.
Affected products
1- cpe:2.3:a:merak:mail_server:7.4.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.osvdb.org/9037nvdPatchVendor Advisory
- www.osvdb.org/9038nvdPatchVendor Advisory
- www.osvdb.org/9039nvdPatchVendor Advisory
- www.osvdb.org/9040nvdPatchVendor Advisory
- www.osvdb.org/9041nvdPatchVendor Advisory
- www.osvdb.org/9042nvdPatchVendor Advisory
- packetstormsecurity.nl/0408-exploits/merak527.txtnvdExploitPatchVendor Advisory
- secunia.com/advisories/12269nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/10966nvdExploitPatchVendor Advisory
- marc.infonvd
- securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17024nvd
News mentions
0No linked articles in our index yet.