CVE-2011-2753

Name of the Vulnerable Software and Affected Versions SquirrelMail versions 1.4.21 and earlier

Description The issue involves multiple cross-site request forgery (CSRF) vulnerabilities that allow remote attackers to hijack the authentication of victims. This is achieved through vectors involving the empty trash implementation and the Index Order (aka options order) page.

Recommendations For SquirrelMail versions 1.4.21 and earlier, update to a version later than 1.4.21 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.