CVE-2002-1648

Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.

Date published : 2005-03-28

http://www.securityfocus.com/bid/3956

http://archives.neohapsis.com/archives/bugtraq/2002-01/0310.html