PublicDate: 2007-05-11 04:20:00 UTC
Candidate: CVE-2007-1262
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in
 SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject
 arbitrary web script or HTML via the (1) data: URI in an HTML e-mail
 attachment or (2) various non-ASCII character sets that are not properly
 filtered when viewed with Microsoft Internet Explorer.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_squirrelmail: released (1.4.6-1ubuntu0.1)
edgy_squirrelmail: released (1.4.8-1ubuntu0.1)
feisty_squirrelmail: released (1.4.9a-1ubuntu0.1)
devel_squirrelmail: released (1.4.10a-2)
upstream_squirrelmail: needs-triage