2 matches found
Debian DSA-1241-1 : squirrelmail - XSS
Martijn Brinkers discovered cross-site scripting vulnerabilities in the mailto parameter of webmail.php, the session and deletedraft parameters of compose.php and through a shortcoming in the magicHTML filter. An attacker could abuse these to execute malicious JavaScript in the user's webmail...
DSA-988-1 squirrelmail - several
Bulletin has no description...