VULHUB ™

SquirrelMail is a webmail program implemented in PHP. It is available for Linux and Unix based operating systems. SquirrelMail does not adequately filter script code from the message header fields. This may enable a remote attacker to cause script code to be executed in the browser of a webmail user. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the webmail system.

SquirrelMail is a webmail program implemented in PHP. It is available for Linux and Unix based operating systems. SquirrelMail does not adequately filter script code from the message header fields. This may enable a remote attacker to cause script code to be executed in the browser of a webmail user. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the webmail system.