Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: GLSA-200408-02 Advisory: SqWebMail XSS Vulnerability Alert

gentoo
Calendar Grey August 4, 2004
Dist Gentoo Esm H88
A cross-origin scripting vulnerability in SqWebMail of Courier poses a risk to Gentoo users. Ensure an update is performed to uphold safety.
The SqWebMail web application, included in the Courier suite, is vulnerable to cross-site scripting attacks.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200408-02
                                            https://security.gentoo.org/

  Severity: Normal
     Title: Courier: Cross-site scripting vulnerability in SqWebMail
      Date: August 04, 2004
      Bugs: #58020
        ID: 200408-02


Synopsis
=======
The SqWebMail web application, included in the Courier suite, is
vulnerable to cross-site scripting attacks.

Background
=========
Courier is an integrated mail and groupware server based on open
protocols. It provides ESMTP, IMAP, POP3, webmail, and mailing list
services within a single framework. The webmail functionality included
in Courier called SqWebMail allows you to access mailboxes from a web
browser.

Affected packages
================
    -------------------------------------------------------------------
     Package           /   Vulnerable   /                  Unaffected
    --------------------...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory cross-site scripting courier web application xss normal sqwebmail

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory cross-site scripting courier web application xss normal sqwebmail

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here