5 matches found
CVE-2025-30090
mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true...
CVE-2025-30090
creationtimestamp| type| source ---|---|--- 2025-04-02 13:33:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10065 2025-04-02 14:23:09+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114268817864484797 2025-04-02 14:23:09+00:00| seen|...
CVE-2025-30090
mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true...
UBUNTU-CVE-2025-30090
mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true...
CVE-2025-30090
CVE-2025-30090 affects SquirrelMail mime.php in versions up to 1.4.23-svn-20250401 and 1.5.x up to 1.5.2-svn-20250401, enabling cross-site scripting via email headers after $encoded is set to true. The provided documents describe the vulnerable component and the weak handling in headers, with no ...