Red Hat Bugzilla – Bug 74444
Squirrelmail-1.2.7 vulnerable to several XSS exploits.
Last modified: 2008-05-01 11:38:03 EDT
Description of Problem:
As you might know, squirrelmail-1.2.7 contains several XSS vulnerabilities. Not
the end of the world, but still worth an update whenever you guys have a chance.
Version-Release number of selected component (if applicable):
squirrelmail-1.2.8 has been released that fixes this problem, plus has an
additional bonus of no longer requiring register_globals=On in the php config.
Updating the RPMs shouldn't be too hard, as I've pretty much stolen your spec
Heh, we stole yours first :)
*** This bug has been marked as a duplicate of 74313 ***