CVE-2004-0519 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0519 Interim 1 4 2023-12-09T02:25:12Z current 2021-05-30T12:30:10Z 2023-12-09T02:25:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0519 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SPEKLUY4AOYBZDKTUV5SAEETXU72N46J/#SPEKLUY4AOYBZDKTUV5SAEETXU72N46J E-Mail link for SUSE-SR:2005:019 https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. CVE-2004-0519 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P