what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2006.226

Posted Dec 12, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple cross site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and unspecified vectors involving "a shortcoming in the magicHTML filter."

tags | advisory, remote, web, arbitrary, php, vulnerability, xss

systems | linux, mandriva

advisories | CVE-2006-6142

SHA-256 | f780fe058ce85352014c4edd201ec80a122360a88b9dab812c245504a3efbfc4

Download | Favorite | View

Related Files

No related files