Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-0520. PoCs published by Roman Medina.
AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in SquirrelMail by injecting a malicious script into an email header. The script executes when the email is viewed, potentially stealing cookies or other sensitive information.
Description
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Exploits (1)
This exploit demonstrates an HTML injection vulnerability in SquirrelMail by injecting a malicious script into an email header. The script executes when the email is viewed, potentially stealing cookies or other sensitive information.