logo
DATABASE RESOURCES PRICING ABOUT US

JVN#30881447: SquirrelMail vulnerable to cross-site request forgery

Description

SquirrelMail from SquirrelMail Project is an open source webmail (web-based email). SquirrelMail contains an issue in processing of sending a message or setting changes, which may result in cross-site request forgery. ## Impact A remote attacker may send an arbitrary email or change the settings. ## Solution **Update the Software** Update to the latest version of SquirrelMail according to the information provided by the developer. The issue was resolved in SquirrelMail 1.4.20. ## Products Affected * SquirrelMail 1.4.19 and earlier


Related