CVE-2008-2379

Squirrelmail < 1.4.16 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.

References (16)

Scores

EPSS 0.0132
EPSS Percentile 79.7%

Classification

CWE
CWE-79
Status published

Affected Products (50)

squirrelmail/squirrelmail < 1.4.16
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
squirrelmail/squirrelmail
... and 35 more

Timeline

Published Dec 05, 2008
Tracked Since Feb 18, 2026