Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Squirrelmail | Squirrelmail | 1.4.2 | 1.4.2 |
Squirrelmail | Squirrelmail | 1.4.3_rc1 | 1.4.3_rc1 |
Squirrelmail | Squirrelmail | 1.4.3 | 1.4.3 |
Squirrelmail | Squirrelmail | 1.4.1 | 1.4.1 |
Squirrelmail | Squirrelmail | 1.44 | 1.44 |
Squirrelmail | Squirrelmail | 1.4.3a | 1.4.3a |