CVE-2006-3174

Опубликовано: 23 июн. 2006

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
squirrelmail	fixed	2:1.4.7-1		package

Примечания

Operation with registers_globals not supported

EPSS

Процентиль: 78%

0.01159

Низкий

Связанные уязвимости

CVE-2006-3174

ubuntu

больше 19 лет назад

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.

CVE-2006-3174

nvd

больше 19 лет назад

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.

GHSA-44cp-qvgc-fw4j

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.

EPSS

Процентиль: 78%

0.01159

Низкий