Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-4555
Description:Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) drop-down selection lists, (2) the > (greater than) character in the SquirrelSpell spellchecking plugin, and (3) errors associated with the Index Order (aka options_order) page.
Test IDs: 1.3.6.1.4.1.25623.1.0.69950   1.3.6.1.4.1.25623.1.0.69953   1.3.6.1.4.1.25623.1.0.70102   1.3.6.1.4.1.25623.1.0.123994   1.3.6.1.4.1.25623.1.0.831438  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-4555
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Debian Security Information: DSA-2291 (Google Search)
http://www.debian.org/security/2011/dsa-2291
http://www.mandriva.com/security/advisories?name=MDVSA-2011:123
RedHat Security Advisories: RHSA-2012:0103
http://rhn.redhat.com/errata/RHSA-2012-0103.html
XForce ISS Database: squirrelmail-dropdown-xss(68510)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68510
XForce ISS Database: squirrelmail-spellchecking-xss(68511)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68511




© 1998-2024 E-Soft Inc. All rights reserved.