You are here

CVE-2006-0188

Vincent (CVE) Danen's picture
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS.

Details Source

Mitre

Public Date

2006-02-01 00:00:00

Impact

Moderate

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 RHSA-2006:0283 2006-05-03
Red Hat Enterprise Linux 4 RHSA-2006:0283 2006-05-03