First published: Thu Jun 03 2004(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Squirrelmail Squirrelmail | =1.4.2 | |
Squirrelmail Squirrelmail | =1.0.5 | |
Squirrelmail Squirrelmail | =1.2.7 | |
Squirrelmail Squirrelmail | =1.2.0 | |
SGI ProPack | =3.0 | |
Squirrelmail Squirrelmail | =1.2.9 | |
Squirrelmail Squirrelmail | =1.2.2 | |
Squirrelmail Squirrelmail | =1.2.1 | |
Squirrelmail Squirrelmail | =1.4.1 | |
Squirrelmail Squirrelmail | =1.4 | |
Squirrelmail Squirrelmail | =1.2.4 | |
Squirrelmail Squirrelmail | =1.2.3 | |
Squirrelmail Squirrelmail | =1.0.4 | |
Squirrelmail Squirrelmail | =1.2.6 | |
Squirrelmail Squirrelmail | =1.2.10 | |
Squirrelmail Squirrelmail | =1.2.5 | |
Squirrelmail Squirrelmail | =1.2.8 | |
Squirrelmail Squirrelmail | =1.2.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.