1
Candidate: CVE-2011-2023
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2023
5
http://www.squirrelmail.org/security/issue/2011-07-10
7
Cross-site scripting (XSS) vulnerability in functions/mime.php in
8
SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web
9
script or HTML via a crafted STYLE element in an e-mail message.
18
upstream: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/mime.php?view=patch&r1=14133&r2=14120&pathrev=14133
19
upstream_squirrelmail: released (1.4.22)
20
hardy_squirrelmail: ignored (reached end-of-life)
21
lucid_squirrelmail: ignored (reached end-of-life)
22
maverick_squirrelmail: ignored (reached end-of-life)
23
natty_squirrelmail: ignored (reached end-of-life)
24
oneiric_squirrelmail: not-affected (2:1.4.22-1)
25
precise_squirrelmail: not-affected (2:1.4.22-1)
26
quantal_squirrelmail: not-affected (2:1.4.22-1)
27
raring_squirrelmail: not-affected (2:1.4.22-1)
28
saucy_squirrelmail: not-affected (2:1.4.22-1)
29
devel_squirrelmail: not-affected (2:1.4.22-1)