PT-2008-3857 · Squirrelmail+1 · Squirrelmail+1

Publicado

2008-12-05

·

Atualizado

2017-09-29

·

CVE-2008-2379

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: SquirrelMail versions prior to 1.4.17
Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
Recommendations: For versions prior to 1.4.17, update to version 1.4.17 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2008-2379
DSA-1682-1
RHSA-2009:0010
RHSA-2009_0010

Produtos afetados

Red Hat
Squirrelmail