SquirrelMail < 1.4.3 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 1217
SynopsisThe remote host is vulnerable to XSS and SQL injection flaws
DescriptionSquirrelMail is a web-based mail server. There are several flaws in all versions prior to 1.4.3 that allow for remote cross-site scripting (XSS) attacks and SQL injection attacks.
SolutionUpgrade to SquirrelMail 1.4.3 or later.