CVE-2006-3665
CVE-2006-3665 affects SquirrelMail 1.4.6 and earlier with register_globals enabled. The vulnerability allows remote attackers to hijack cookies via src/redirect.php, with vectors not clearly disclosed in vendor reports. The description notes that “cookie theft” is often linked to XSS, but the ven...