Package : squirrelmail Version : 2:1.4.23~svn20120406-2+deb8u3 CVE IDs : CVE-2018-14950 CVE-2018-14951 CVE-2018-14952 CVE-2018-14953 CVE-2018-14954 CVE-2018-14955 Debian Bug : #905023
It was discovered that there were a number of Cross Site Scripting (XSS) vulnerabilities in the squirrelmail webmail client.
For Debian 8 "Jessie", these issues has been fixed in squirrelmail version 2:1.4.23~svn20120406-2+deb8u3.
We recommend that you upgrade your squirrelmail packages.
,''`. : :' : Chris Lamb `. `'` email@example.com / chris-lamb.co.uk `-