CVE-2018-14954

🗓️ 05 Aug 2018 18:00:29Reported by [email protected]Type

The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
RedhatCVE	CVE-2018-14954	14 Aug 201822:48	–	redhatcve
Cvelist	CVE-2018-14954	5 Aug 201818:00	–	cvelist
Prion	Cross site scripting	5 Aug 201818:29	–	prion
UbuntuCve	CVE-2018-14954	5 Aug 201800:00	–	ubuntucve
CVE	CVE-2018-14954	5 Aug 201818:29	–	cve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2018-14954	4 Mar 202500:00	–	nessus
Tenable Nessus	RHEL 5 : squirrelmail (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	RHEL 5 : squirrelmail (Unpatched Vulnerability)	11 May 202400:00	–	nessus
OSV	DLA-1484-1 squirrelmail - security update	30 Aug 201800:00	–	osv
OpenVAS	Debian: Security Advisory (DLA-1484-1)	2 Sep 201800:00	–	openvas

Nvd

Node

squirrelmail squirrelmailRange≤1.4.22

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5FP5O562A4FM5TCFNEW73SS6PZONSAC/
sourceforge	www.sourceforge.net/p/squirrelmail/bugs/2831/
bugs	www.bugs.debian.org/905023
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVXTYMZ35IC5KPNMAE6BWAQWURMX7KZO/
openwall	www.openwall.com/lists/oss-security/2018/07/26/2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Aug 2018 18:29Current

5.9Medium risk

Vulners AI Score5.9

CVSS24.3

CVSS36.1

EPSS0.00549

CWE-79