Download
| Alert*
DSA-1682 squirrelmail -- insufficient input sanitising
Ivan Markovic discovered that SquirrelMail, a webmail application, did not sufficiently sanitise incoming HTML email, allowing an attacker to perform cross site scripting through sending a malicious HTML email.
|