Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2002-1648 | Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. |
Assigned (20050328) | BID:3956 | URL:http://www.securityfocus.com/bid/3956 | BUGTRAQ:20020124 Vulnerabilities in squirrelmail | URL:http://archives.neohapsis.com/archives/bugtraq/2002-01/0310.html | CERT-VN:VU#153043 | URL:http://www.kb.cert.org/vuls/id/153043 | XF:squirrelmail-html-execute-script(7989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7989 |
Page created: