Unrated severityNVD Advisory· Published Jan 28, 2010· Updated Jun 16, 2026
CVE-2004-2765
CVE-2004-2765
Description
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
Affected products
4cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:one_messaging_server:6.1:*:*:*:*:*:*:*
- (no CPE)range: <5.2hf2.02
- Range: 6.1
Patches
Vulnerability mechanics
References
2- sunsolve.sun.com/search/document.donvdPatch
- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.