Описание
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.6-1ubuntu0.1 |
| devel | released | 1.4.10a-2 |
| edgy | released | 1.4.8-1ubuntu0.1 |
| feisty | released | 1.4.9a-1ubuntu0.1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ...
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
ELSA-2007-0358: Moderate: squirrelmail security update (MODERATE)
EPSS
5 Medium
CVSS2