CVE-2011-2753
Priority
Medium
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail
1.4.21 and earlier allow remote attackers to hijack the authentication of
unspecified victims via vectors involving (1) the empty trash
implementation and (2) the Index Order (aka options_order) page, a
different issue than CVE-2010-4555.
1.4.21 and earlier allow remote attackers to hijack the authentication of
unspecified victims via vectors involving (1) the empty trash
implementation and (2) the Index Order (aka options_order) page, a
different issue than CVE-2010-4555.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needs-triage |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |