CVE-2011-2753

Priority
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail
1.4.21 and earlier allow remote attackers to hijack the authentication of
unspecified victims via vectors involving (1) the empty trash
implementation and (2) the Index Order (aka options_order) page, a
different issue than CVE-2010-4555.
Notes
Package
Upstream:released (2:1.4.22-1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [2:1.4.23~svn20120406-2])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:1.4.23~svn20120406-2ubuntu1)
More Information

Updated: 2020-03-18 22:06:48 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)