CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
References
Link Resource
https://www.openwall.com/lists/oss-security/2020/06/20/1 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:squirrelmail:squirrelmail:1.4.22:*:*:*:*:*:*:*

Information

Published : 2020-06-20 06:15

Updated : 2020-06-26 12:03


NVD link : CVE-2020-14932

Mitre link : CVE-2020-14932


JSON object : View

CWE
CWE-502

Deserialization of Untrusted Data

Advertisement

dedicated server usa

Products Affected

squirrelmail

  • squirrelmail