Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-c544-w4qx-cm4p

Опубликовано: 30 апр. 2022
Источник: github
Github: Не прошло ревью

Описание

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

EPSS

Процентиль: 70%
0.00636
Низкий

Связанные уязвимости

redhat
почти 23 года назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

nvd
больше 22 лет назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

debian
больше 22 лет назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in Sq ...

EPSS

Процентиль: 70%
0.00636
Низкий