|Related CVEs||CVE-2020-14932 CVE-2020-14933|
Two unsafe serialisation vulnerabilities were discovered in the PHP-based
squirrelmail webmail client.
Unsafe data was accepted to the
mailto.php script which opened an email
compose screen with the passed email address.
For Debian 8 Jessie, these problems have been fixed in version 2:1.4.23~svn20120406-2+deb8u5.
We recommend that you upgrade your squirrelmail packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.