CVE		CVE-2007-0953
Статус		Candidate
Описание		Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
Важность		Low
CVSS score		1,9
CVSS vector		(AV:R/AC:H/Au:NR/C:N/I:P/A:N/B:N)
Phase		Assigned (14.02.2007)
NVD:		http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0953
References		BID : 22552
		FRSIRT : ADV-2007-0603
		MISC : http://lostmon.blogspot.com/2007/02/mail-searchpl-...
		SECUNIA : 24155
SecurityVulns:		Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )