6 matches found
SUSE CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
SquirrelMail: CSRF in the empty trash feature and in Index Order page
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
UBUNTU-CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...