Squirrelmail : Security Vulnerabilities, CVEs, Published In July 2005 (XSS)
options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files.
Max CVSS
4.3
EPSS Score
0.56%
Published
2005-07-13
Updated
2017-10-11
1 vulnerabilities found