Explore top 10 tips to secure your open-source projects now. Read More
×
SquirrelMail could be made to crash if it received specially crafted
input.
Software Description:
- squirrelmail: Webmail for nuts
Details:
It was discovered that a cross-site scripting (XSS) vulnerability in
SquirrelMail allows remote attackers to use malicious script content from
HTML e-mail to execute code and/or provoke a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: squirrelmail 2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4669-1
CVE-2019-12970
Get the latest Linux and open source security news straight to your inbox.