TWIG Webmail SQL Query Modification Vulnerability

TWIG Webmail SQL Query Modification Vulnerability

Solution:
It is advised that if TWIG Webmail is to remain in use, administrators should fix the query strings manually. The vulnerability can be patched if quotes are added around variables in query strings.

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.