Squirrelmail · Squirrelmail Autocomplete Plugin · CVE-2012-0323
**Name of the Vulnerable Software and Affected Versions**
SquirrelMail Autocomplete plugin versions prior to 3.0
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML.
**Recommendations**
For versions prior to 3.0, update the Autocomplete plugin to version 3.0 or later to resolve the issue.