Debian 10260 Published by

A squirrelmail security update has been released for Debian GNU/Linux 8 Extended LTS.



ELA-268-1 squirrelmail security update

Two unsafe serialisation vulnerabilities were discovered in the PHP-based squirrelmail webmail client.
Unsafe data was accepted to the mailto.php script which opened an email compose screen with the passed email address.

  ELA-268-1 squirrelmail security update