Описание
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14954
- https://bugs.debian.org/905023
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVXTYMZ35IC5KPNMAE6BWAQWURMX7KZO
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5FP5O562A4FM5TCFNEW73SS6PZONSAC
- https://sourceforge.net/p/squirrelmail/bugs/2831
- http://www.openwall.com/lists/oss-security/2018/07/26/2
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
CVSS3: 8.7
redhat
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
CVSS3: 6.1
nvd
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
CVSS3: 6.1
debian
больше 7 лет назад
The mail message display page in SquirrelMail through 1.4.22 has XSS v ...