First published: Thu Jun 03 2004(Updated: )
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Squirrelmail Squirrelmail | =1.4.2 | |
Squirrelmail Squirrelmail | =1.2.7 | |
Squirrelmail Squirrelmail | =1.2.0 | |
SGI ProPack | =3.0 | |
Squirrelmail Squirrelmail | =1.2.9 | |
Squirrelmail Squirrelmail | =1.4.3_rc1 | |
Squirrelmail Squirrelmail | =1.2.2 | |
Open Webmail Open Webmail | =2.30 | |
Squirrelmail Squirrelmail | =1.2.1 | |
Squirrelmail Squirrelmail | =1.4.1 | |
Squirrelmail Squirrelmail | =1.4 | |
Squirrelmail Squirrelmail | =1.2.4 | |
Squirrelmail Squirrelmail | =1.2.3 | |
Open Webmail Open Webmail | =2.31 | |
Squirrelmail Squirrelmail | =1.2.6 | |
Squirrelmail Squirrelmail | =1.2.10 | |
Squirrelmail Squirrelmail | =1.2.5 | |
Open Webmail Open Webmail | =2.32 | |
Squirrelmail Squirrelmail | =1.2.8 | |
Squirrelmail Squirrelmail | =1.2.11 | |
Squirrelmail Squirrelmail | =1.5_dev |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.