Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-30090

Опубликовано: 02 апр. 2025
Источник: debian

Описание

mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
squirrelmailremovedpackage

Связанные уязвимости

ubuntu логотип

CVE-2025-30090

CVSS3: 7.2
ubuntu
10 месяцев назад

mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.

nvd логотип

CVE-2025-30090

CVSS3: 7.2
nvd
10 месяцев назад

mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.

github логотип

GHSA-rj9p-v8v3-qjg9

CVSS3: 7.2
github
10 месяцев назад

mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.