CVE-2005-2095

Priority
Description
options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract
function to process the $_POST variable, which allows remote attackers to
modify or read the preferences of other users, conduct cross-site scripting
XSS) attacks, and write arbitrary files.
References
Package
Upstream:needs-triage
More Information

Updated: 2018-09-26 06:35:23 UTC (commit 2c85db1cbbe986be0a0659e41e8f961058e5adca)