Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2011-2023
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-14 Jul, 2011 | 23:55
Updated At-11 Apr, 2025 | 00:51

Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
SquirrelMail
squirrelmail
>>squirrelmail>>Versions up to 1.4.21(inclusive)
cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.1
cpe:2.3:a:squirrelmail:squirrelmail:0.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.1.1
cpe:2.3:a:squirrelmail:squirrelmail:0.1.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.1.2
cpe:2.3:a:squirrelmail:squirrelmail:0.1.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.2
cpe:2.3:a:squirrelmail:squirrelmail:0.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.2.1
cpe:2.3:a:squirrelmail:squirrelmail:0.2.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.3
cpe:2.3:a:squirrelmail:squirrelmail:0.3:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.3.1
cpe:2.3:a:squirrelmail:squirrelmail:0.3.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.3pre1
cpe:2.3:a:squirrelmail:squirrelmail:0.3pre1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.3pre2
cpe:2.3:a:squirrelmail:squirrelmail:0.3pre2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.4
cpe:2.3:a:squirrelmail:squirrelmail:0.4:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.4pre1
cpe:2.3:a:squirrelmail:squirrelmail:0.4pre1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.4pre2
cpe:2.3:a:squirrelmail:squirrelmail:0.4pre2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.5
cpe:2.3:a:squirrelmail:squirrelmail:0.5:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.5pre1
cpe:2.3:a:squirrelmail:squirrelmail:0.5pre1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>0.5pre2
cpe:2.3:a:squirrelmail:squirrelmail:0.5pre2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0
cpe:2.3:a:squirrelmail:squirrelmail:1.0:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.1
cpe:2.3:a:squirrelmail:squirrelmail:1.0.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.2
cpe:2.3:a:squirrelmail:squirrelmail:1.0.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.3
cpe:2.3:a:squirrelmail:squirrelmail:1.0.3:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.4
cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.5
cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0.6
cpe:2.3:a:squirrelmail:squirrelmail:1.0.6:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0pre1
cpe:2.3:a:squirrelmail:squirrelmail:1.0pre1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0pre2
cpe:2.3:a:squirrelmail:squirrelmail:1.0pre2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.0pre3
cpe:2.3:a:squirrelmail:squirrelmail:1.0pre3:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.1.0
cpe:2.3:a:squirrelmail:squirrelmail:1.1.0:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.1.1
cpe:2.3:a:squirrelmail:squirrelmail:1.1.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.1.2
cpe:2.3:a:squirrelmail:squirrelmail:1.1.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.1.3
cpe:2.3:a:squirrelmail:squirrelmail:1.1.3:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2
cpe:2.3:a:squirrelmail:squirrelmail:1.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.0
cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.0
cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:rc3:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.1
cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.2
cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.3
cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.4
cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.5
cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.6
cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.6
cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:rc1:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.7
cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.8
cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.9
cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.10
cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.2.11
cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.3.0
cpe:2.3:a:squirrelmail:squirrelmail:1.3.0:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.3.1
cpe:2.3:a:squirrelmail:squirrelmail:1.3.1:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.3.2
cpe:2.3:a:squirrelmail:squirrelmail:1.3.2:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.4
cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*
SquirrelMail
squirrelmail
>>squirrelmail>>1.4
cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlcve@mitre.org
N/A
http://rhn.redhat.com/errata/RHSA-2012-0103.htmlcve@mitre.org
N/A
http://securitytracker.com/id?1025766cve@mitre.org
N/A
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=revision&revision=14121cve@mitre.org
Patch
http://support.apple.com/kb/HT5130cve@mitre.org
N/A
http://www.debian.org/security/2011/dsa-2291cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:123cve@mitre.org
N/A
http://www.squirrelmail.org/security/issue/2011-07-10cve@mitre.org
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720695cve@mitre.org
Patch
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-0103.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1025766af854a3a-2127-422b-91ae-364da2661108
N/A
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=revision&revision=14121af854a3a-2127-422b-91ae-364da2661108
Patch
http://support.apple.com/kb/HT5130af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2011/dsa-2291af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:123af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.squirrelmail.org/security/issue/2011-07-10af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720695af854a3a-2127-422b-91ae-364da2661108
Patch
Change History
0Changes found
Details not found