SquirrelMail Multiple Cross Site Scripting and Input Validation Vulnerabilities

SquirrelMail is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

Versions prior to SquirrelMail 1.4.9a are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus