SquirrelMail Project Team Information for VU#153043
SquirrelMail compose.php script does not adequately validate input thereby allowing arbitrary user to send messages
- Vendor Information Help Date Notified: 28 Jan 2002
- Statement Date:
- Date Updated: 30 May 2002
"SquirrelMail 1.2.4 is the release that fixed the problem."
The vendor has not provided us with any further information regarding this vulnerability.
Upgrade SquirrelMail to version 1.2.4 or later, available from
If you have feedback, comments, or additional information about this vulnerability, please send us email.