CVE-2018-14954 | SquirrelMail up to 1.4.22 formaction Message cross site scripting (FEDORA-2019-1a87523729)

A vulnerability, which was classified as problematic, was found in SquirrelMail up to 1.4.22. This affects an unknown part of the component formaction Handler. The manipulation as part of Message leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2018-14954. It is possible to initiate the attack remotely. There is no exploit available.

Source link