VULHUB ™

SquirrelMail是一款PHP编写的WEBMAIL程序。 SquirrelMail没有正确地过滤用户向多个表单(发送消息、更改偏好等)所提交的内容，远程攻击者可以通过跨站请求伪造攻击执行删除邮件、发送邮件等操作。以下是受影响的页面：functions/mailbox_display.php，src/addrbook_search_html.php，src/addressbook.php，src/compose.php，src/folders.php，src/folders_create.php，src/folders_delete.php，src/folders_rename_do.php，src/folders_rename_getname.php，src/folders_subscribe.php，src/move_messages.php，src/options.php，src/options_highlight.php，src/options_identities.php，src/options_order.php，src/search.php，src/vcard.php。

SquirrelMail是一款PHP编写的WEBMAIL程序。 SquirrelMail没有正确地过滤用户向多个表单(发送消息、更改偏好等)所提交的内容，远程攻击者可以通过跨站请求伪造攻击执行删除邮件、发送邮件等操作。以下是受影响的页面：functions/mailbox_display.php，src/addrbook_search_html.php，src/addressbook.php，src/compose.php，src/folders.php，src/folders_create.php，src/folders_delete.php，src/folders_rename_do.php，src/folders_rename_getname.php，src/folders_subscribe.php，src/move_messages.php，src/options.php，src/options_highlight.php，src/options_identities.php，src/options_order.php，src/search.php，src/vcard.php。