Summary
The remote host seems to be vulnerable to a security problem in SquirrelMail. Its script 'read_body.php' didn't filter out user input for 'filter_dir' and 'mailbox', making a xss attack possible.
Solution
Upgrade to a newer version of this software
Severity
Classification
-
CVE CVE-2002-1276, CVE-2002-1341 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Archiva Cross Site Request Forgery Vulnerability
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Struts Directory Traversal Vulnerability
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- /doc directory browsable ?