Squirrelmail : Security Vulnerabilities, CVEs, Published In 2011 (XSS) CVSS score >= 4
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.
Max CVSS
4.3
EPSS Score
0.32%
Published
2011-07-14
Updated
2012-02-14
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) drop-down selection lists, (2) the > (greater than) character in the SquirrelSpell spellchecking plugin, and (3) errors associated with the Index Order (aka options_order) page.
Max CVSS
4.3
EPSS Score
0.32%
Published
2011-07-14
Updated
2017-08-17
2 vulnerabilities found