Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SquirrelMail < 1.4.4-RC1 webmail.php XSS

Medium

Synopsis

The remote host is running SquirrelMail, a webmail system written in PHP.

Description

The remote host is running SquirrelMail, a webmail system written in PHP. Versions of SquirrelMail prior to 1.4.4-RC1 are vulnerable to a cross-site scripting (XSS) vulnerability. A remote attacker can exploit this flaw to run malicious code within a web browser.

Solution

Upgrade to version 1.4.4-RC1 or higher.