CVE-2004-0520

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.5_dev:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:open_webmail:open_webmail:2.31:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*

Information

Published : 2004-08-17 21:00

Updated : 2017-10-10 18:29


NVD link : CVE-2004-0520

Mitre link : CVE-2004-0520


JSON object : View

Advertisement

dedicated server usa

Products Affected

sgi

  • propack

squirrelmail

  • squirrelmail

open_webmail

  • open_webmail