Summary
The remote host seems to be vulnerable to a security problem in SquirrelMail. Its script 'read_body.php' didn't filter out user input for 'filter_dir' and 'mailbox', making a xss attack possible.
Solution
Upgrade to a newer version of this software
Severity
Classification
-
CVE CVE-2002-1276, CVE-2002-1341 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Web Server ETag Header Information Disclosure Weakness
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Advanced Image Hosting Cross Site Scripting Vulnerability
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- Allaire JRun directory browsing vulnerability