Unrated severityNVD Advisory· Published Dec 7, 2006· Updated Apr 23, 2026

CVE-2006-6364

Description

Cross-site scripting (XSS) vulnerability in error.php in Inside Systems Mail (ISMail) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.

Affected products

Inside Systems/Inside Systems
cpe:2.3:a:inside_systems:inside_systems:mail_2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/23229nvdPatchVendor Advisory
www.insidesystems.net/projects/project.phpnvdPatch
www.securityfocus.com/bid/21424nvdVendor Advisory
securityreason.com/securityalert/1990nvd
www.securityfocus.com/archive/1/453420/100/0/threadednvd
www.vupen.com/english/advisories/2006/4848nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30704nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000