VYPR
Unrated severityNVD Advisory· Published Mar 1, 2005· Updated Jun 16, 2026

CVE-2004-1036

CVE-2004-1036

Description

Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:squirrelmail:squirrelmail:1.5_dev:*:*:*:*:*:*:*
    • (no CPE)range: <=1.4.3a, 1.5.1-cvs before 2004-10-23
  • cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.