This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
A Squirrelmail Advisory reports :
An extract($_POST) was done in options_identities.php which allowed
for an attacker to set random variables in that file. This could lead
to the reading (and possible writing) of other people's preferences,
cross site scripting or writing files in webserver-writable locations.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true