CVE-2002-1341

2002-12-1805:00:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.6

Confidence

High

EPSS

0.009

Percentile

83.1%

JSON

Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.

Affected configurations

Nvd

Node

squirrelmailsquirrelmailMatch1.2.6

squirrelmailsquirrelmailMatch1.2.7

squirrelmailsquirrelmailMatch1.2.8

squirrelmailsquirrelmailMatch1.2.9

squirrelmailsquirrelmailMatch1.2.10

VendorProductVersionCPE
squirrelmailsquirrelmail1.2.6cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.7cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.8cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.9cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.10cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
squirrelmail	squirrelmail	1.2.6	cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:::::::*
squirrelmail	squirrelmail	1.2.7	cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:::::::*
squirrelmail	squirrelmail	1.2.8	cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:::::::*
squirrelmail	squirrelmail	1.2.9	cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:::::::*
squirrelmail	squirrelmail	1.2.10	cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:::::::*