Unrated severityNVD Advisory· Published May 11, 2007· Updated Apr 23, 2026

CVE-2007-2592

Description

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files.

Affected products

Nokia/Groupwise Mobile Server
cpe:2.3:a:nokia:groupwise_mobile_server:*:*:*:*:*:*:*:*
Nokia/Intellisync Mobile Suite3 versions
cpe:2.3:a:nokia:intellisync_mobile_suite:6.4.31.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:nokia:intellisync_mobile_suite:6.4.31.2:*:*:*:*:*:*:*
- cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.0.107:*:*:*:*:*:*:*
- cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.2.2:*:*:*:*:*:*:*
Nokia/Intellisync Wireless Email Express
cpe:2.3:a:nokia:intellisync_wireless_email_express:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/25212nvdPatchVendor Advisory
www.sec-consult.com/289.htmlnvdExploitVendor Advisory
osvdb.org/34515nvd
osvdb.org/34516nvd
osvdb.org/34517nvd
secunia.com/advisories/26199nvd
securityreason.com/securityalert/2689nvd
support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005120.htmlnvd
www.securityfocus.com/archive/1/468048/100/0/threadednvd
www.securityfocus.com/bid/23889nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/1727nvd
www.vupen.com/english/advisories/2007/2657nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34187nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000