Package(s):	squirrelmail	CVE #(s):	CVE-2007-1262
Created:	May 14, 2007	Updated:	June 15, 2007
Description:	It was discovered that the webmail package Squirrelmail performs insufficient sanitizing inside the HTML filter, which allows the injection of arbitrary web script code during the display of HTML email messages.
Alerts:	rPath rPSA-2007-0123-1 squirrelmail 2007-06-14 Mandriva MDKSA-2007:106 squirrelmail 2007-05-19 Red Hat RHSA-2007:0358-01 squirrelmail 2007-05-17 Fedora FEDORA-2007-505 squirrelmail 2007-05-14 Debian DSA-1290-1 squirrelmail 2007-05-13

---

to post comments