Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-07-17T20:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2011-07-17T00:00:00
Link: CVE-2011-2753
JSON object: View
NVD Information
Status : Modified
Published: 2011-07-17T20:55:01.827
Modified: 2017-08-29T01:29:32.847
Link: CVE-2011-2753
JSON object: View
Redhat Information
No data.
CWE