1.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-01	CVE-2019-12970	Cross-site Scripting vulnerability in Squirrelmail XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1.5.2. network squirrelmail CWE-79	4.3
2006-06-23	CVE-2006-3174	Cross-Site Scripting vulnerability in SquirrelMail Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter. network high complexity squirrelmail	2.6