Red Hat Security Advisory 2012-0103-01 - SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. Multiple cross-site scripting flaws were found in SquirrelMail. A remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.
040b4b10a49caa004db71999e8f7658921ee27aeb022c6727ca45cd9c27514adMandriva Linux Security Advisory 2011-123 - Multiple vulnerabilities has been discovered and corrected in squirrelmail. These range from clickjacking to cross site scripting issues. The updated packages have been upgraded to the 1.4.22 version which is not vulnerable to these issues.
33bcf8f8683ef52c64848ced235d1435a53eb7cb13cf42a1d2d0b5e5c727a517Debian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.
bfd57caaec768d351d8f4dfd46f6825fcffeed06abe70a51896f408e20e8568b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed