Squirrelmail : Security Vulnerabilities, CVEs, Published In 2007 (CSRF)
Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648.
Max CVSS
7.5
EPSS Score
1.08%
Published
2007-05-13
Updated
2018-10-16
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
Max CVSS
5.0
EPSS Score
0.67%
Published
2007-05-11
Updated
2017-10-11
2 vulnerabilities found