SquirrelMail flaws fixed

A number of cross-scripting vulnerabilities have been found in SquirrelMail, a PHP-based Webmail application. An attacker could exploit this by sending specially crafted URLs to the intended victim, allowing the attacker to take control of the user's session. For more, go to:

http://www.squirrelmail.org/security/issue/2005-06-15

Related Gentoo fix: http://security.gentoo.org/glsa/glsa-200506-19.xml

Join the newsletter!

Error: Please check your email address.
Show Comments