SquirrelMail XSS Exploit Found

SquirrelMail has released a patch to fix "a cross site scripting issue in the decoding of encoded text in certain headers. SquirrelMail correctly decodes the specially crafted header, but doesn't sanitize the decoded strings."

You can download the patch to fix this.

 

 

 

 

Top