The mail message display page in SquirrelMail through 1.4.22 has XSS via a "
CVE-2018-14951
MEDIUMNVD 6.16.1—
EchelonGraph scoreMEDIUM confidence
Score 6.1 from GitHub Security Advisory published 2022-05-14. NVD baseline CVSS 6.1; sources differ by 0.0.
Triggered by: GitHub Security Advisory CVSS
Sources: epss, ghsa, nvd
6.1
EchelonGraph verdictMonitorLow exploitation likelihood right now — keep watching.
- Lower severity and no public exploit yet
CISA-KEV: Not listedEPSS: 1%CVSS: 6.1Exploit: NoneExposed: 0
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.