Intrusion Prevention



It indicates an attacker attempted to exploit an HTML injection vulnerability in SquirrelMail. SquirrelMail is vulnerable to an email header HTML injection exploit because the application does not sufficiently sanitize user supplied input. This could allow an attacker access to a users authentication cookies and personnel emails.

Affected Products

SquirrelMail SquirrelMail 1.5 and earlier versions


Information Leakage

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References