Vulnerabilities > CVE-2003-0160 - Unspecified vulnerability in Squirrelmail

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
squirrelmail
NVD
Published: 2003-04-02
Updated: 2017-10-11

Summary

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.

Vulnerable Configurations

Part Description Count
Application
Squirrelmail
24

Oval

accepted2007-04-25T19:52:37.549-04:00
classvulnerability
contributors
  • nameJay Beale
    organizationBastille Linux
  • nameJay Beale
    organizationBastille Linux
  • nameThomas R. Jones
    organizationMaitreya Security
descriptionMultiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.
familyunix
idoval:org.mitre.oval:def:614
statusaccepted
submitted2003-08-17T12:00:00.000-04:00
titleSqirrelMail Cross-site Scripting Vulnerabilities
version38

Redhat

advisories
rhsa
idRHSA-2003:112

References