Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail prior to 1.2.3 allows remote malicious users to send email as other users via an IMG URL with modified send_to and subject parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squirrelmail squirrelmail 1.2.2 |