Andrew Archibald discovered that the last update to squirrelmail which
was intended to fix several problems caused a regression which got
exposed when the user hits a session timeout For completeness below
is the original advisory text:
Several vulnerabilities have been discovered in Squirrelmail, a
commonly used webmail system The Common Vuln ...