Arbitrary HTML and Script Injection in SquirrelMail Mime.php
CVE-2004-0520 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Learn more about our Web Application Penetration Testing UK.