Vulnerabilities > CVE-2002-1341 - Unspecified vulnerability in Squirrelmail

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

squirrelmail

nessus

NVD

Published: 2002-12-18

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.

Vulnerable Configurations

Part	Description	Count
Application	Squirrelmail Squirrelmail Squirrelmail 1.2.7 Squirrelmail Squirrelmail 1.2.9 Squirrelmail Squirrelmail 1.2.6 Squirrelmail Squirrelmail 1.2.10 Squirrelmail Squirrelmail 1.2.8	5

Nessus

NASL family	CGI abuses : XSS
NASL id	SQUIRREMAIL_CROSS_SITE_SCRIPTING.NASL
description	The remote host seems to be vulnerable to a security problem in SquirrelMail. The
last seen	2020-06-01
modified	2020-06-02
plugin id	11415
published	2003-03-19
reporter	This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11415
title	SquirrelMail 1.2.9 / 1.2.10 read_body.php Multiple Parameter XSS

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-220.NASL
description	A cross site scripting vulnerability has been discovered in squirrelmail, a feature-rich webmail package written in PHP4. Squirrelmail doesn
last seen	2020-06-01
modified	2020-06-02
plugin id	15057
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15057
title	Debian DSA-220-1 : squirrelmail - XSS

Redhat

advisories

rhsa

id	RHSA-2003:042

Summary

Vulnerable Configurations

Nessus

Redhat

References