Family: CGI abuses --> Category: infos
SquirrelMail decodeHeader HTML injection vulnerability Vulnerability Scan
Vulnerability Scan Summary
Check Squirrelmail for HTML injection vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is running SquirrelMail, a webmail system written in PHP.
Versions of SquirrelMail prior to 1.4.4 are vulnerable to an email HTML
injection vulnerability. A remote attacker can exploit this flaw to gain
access to the users' accounts.
Solution : Upgrade to the newest version of this software
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.