CVE-2006-3174
Published: 23 June 2006
Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.
Priority
Status
Package | Release | Status |
---|---|---|
squirrelmail Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Released
(1.4.8-1ubuntu0.1)
|
|
feisty |
Released
(1.4.9a-1ubuntu0.1)
|
|
gutsy |
Released
(1.4.10a-2)
|
|
hardy |
Released
(1.4.10a-2)
|
|
intrepid |
Released
(1.4.10a-2)
|
|
jaunty |
Released
(1.4.10a-2)
|
|
karmic |
Released
(1.4.10a-2)
|
|
upstream |
Needs triage
|