Cross-Site Scripting Vulnerabilities in Nokia Intellisync Mobile Suite
CVE-2007-2592

Currently unrated

Key Information:

Vendor
Nokia
Status
Groupwise Mobile Server
Intellisync Mobile Suite
Intellisync Wireless Email Express
Vendor
CVE Published:
11 May 2007

Summary

Nokia Intellisync Mobile Suite contains multiple cross-site scripting (XSS) vulnerabilities that expose users to the risk of arbitrary web script or HTML injection. Attackers can exploit these vulnerabilities via manipulation of parameters, specifically targeting login and registration processes within the application. This flaw exists across various capabilities involved in mobile email synchronization, emphasizing a critical need for users to ensure their installations are updated and patched against potential exploits.

References

http://www.sec-consult.com/289.html
x_refsource_MISC
http://osvdb.org/34517
vdb-entryx_refsource_OSVDB
http://support.novell.com/docs/Readmes/InfoDocument/patch...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-2592 : Cross-Site Scripting Vulnerabilities in Nokia Intellisync Mobile Suite | SecurityVulnerability.io