Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Squirrelmail | Squirrelmail | 1.2.6 (including) | 1.2.6 (including) |
Squirrelmail | Squirrelmail | 1.2.7 (including) | 1.2.7 (including) |
Squirrelmail | Squirrelmail | 1.2.8 (including) | 1.2.8 (including) |
Squirrelmail | Squirrelmail | 1.2.9 (including) | 1.2.9 (including) |
Squirrelmail | Squirrelmail | 1.2.10 (including) | 1.2.10 (including) |