Loading
Generated remediation guidance and an executive summary. No account required.
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
Use Open Webmail vendor hub and Open Webmail product page to widen CVE-2004-0639 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2004-2284, CVE-2005-1435 and CVE-2006-2190 for nearby disclosures in the same product family.