Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SquirrelMail < 1.4.3 Multiple Vulnerabilities

Critical

Synopsis

The remote host is vulnerable to XSS and SQL injection flaws

Description

SquirrelMail is a web-based mail server. There are several flaws in all versions prior to 1.4.3 that allow for remote cross-site scripting (XSS) attacks and SQL injection attacks.

Solution

Upgrade to SquirrelMail 1.4.3 or later.