Описание
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14955
- https://bugs.debian.org/905023
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVXTYMZ35IC5KPNMAE6BWAQWURMX7KZO
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5FP5O562A4FM5TCFNEW73SS6PZONSAC
- https://sourceforge.net/p/squirrelmail/bugs/2831
- http://www.openwall.com/lists/oss-security/2018/07/26/2
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
CVSS3: 8.7
redhat
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
CVSS3: 6.1
nvd
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
CVSS3: 6.1
debian
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS v ...