Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote malicious users to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
squirrelmail squirrelmail 1.0.4 |
||
squirrelmail squirrelmail 1.0.5 |
||
squirrelmail squirrelmail 1.2.4 |
||
squirrelmail squirrelmail 1.2.5 |
||
squirrelmail squirrelmail 1.2.10 |
||
squirrelmail squirrelmail 1.2.11 |
||
squirrelmail squirrelmail 1.2.8 |
||
squirrelmail squirrelmail 1.2.9 |
||
sgi propack 3.0 |
||
squirrelmail squirrelmail 1.2.2 |
||
squirrelmail squirrelmail 1.2.3 |
||
squirrelmail squirrelmail 1.4 |
||
squirrelmail squirrelmail 1.4.1 |
||
squirrelmail squirrelmail 1.4.2 |
||
squirrelmail squirrelmail 1.2.0 |
||
squirrelmail squirrelmail 1.2.1 |
||
squirrelmail squirrelmail 1.2.6 |
||
squirrelmail squirrelmail 1.2.7 |
Vulmon