Known Vulnerabilities for products from Squirrelmail
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Squirrelmail".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14933 json | ** DISPUTED ** compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP... | 8.8 - HIGH | 2020-06-20 | 2023-11-07 |
| CVE-2020-14932 json | compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. Th... | 9.8 - CRITICAL | 2020-06-20 | 2020-06-26 |
| CVE-2019-12970 json | XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1.5.2. Due to improper handling of RCDATA and RAWTEXT typ... | 6.1 - MEDIUM | 2019-07-01 | 2019-07-30 |
| CVE-2018-14955 json | The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). | 6.1 - MEDIUM | 2018-08-05 | 2023-11-07 |
| CVE-2018-14954 json | The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. | 6.1 - MEDIUM | 2018-08-05 | 2023-11-07 |
| CVE-2018-14953 json | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " | 2018-08-05 | 2023-11-07 | |
| CVE-2018-14952 json | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " | 2018-08-05 | 2023-11-07 | |
| CVE-2018-14951 json | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " |