CVE-2005-3692

MEDIUM

Description

Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) retid parameter in badlogin.php, (2) Content-Type headers in HTML mails, and (3) HTML mail attachments.

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch Status
Ubiquiti	Ubiquiti EdgeRouter 4	—	—	—	Likely Patched

External references

• NIST NVD
• MITRE CVE