CVE-2005-2095

Priority
Untriaged
Description
options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract
function to process the $_POST variable, which allows remote attackers to
modify or read the preferences of other users, conduct cross-site scripting
XSS) attacks, and write arbitrary files.
References
Package
Upstream:needs-triage
More Information

Updated: 2018-06-26 04:21:22 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)