Description of problem: Martijn Brinkers identified several XSS issues in versions 1.4.0 to 1.4.9 of SquirrelMail. Fix for each one is available from upstream. Version-Release number of selected component (if applicable): 1.4.0-1.4.9 RHEL{3,4,5}, FC{5,6} Additional info: Patches are here: http://www.squirrelmail.org/patches/1.4.9-security/stable/
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0022.html