← volver
CVE-2004-0519

CVE-2004-0519

EPSS 22.5%
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/24068no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.aschttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858http://marc.info/?l=bugtraq&m=108334862800260http://rhn.redhat.com/errata/RHSA-2004-240.htmlhttps://bugzilla.fedora.us/show_bug.cgi?id=1733http://secunia.com/advisories/11531http://secunia.com/advisories/11686http://secunia.com/advisories/11870http://secunia.com/advisories/12289http://security.gentoo.org/glsa/glsa-200405-16.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/16025https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006