CVE-2002-1648
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.
Date published : 2005-03-28
http://www.securityfocus.com/bid/3956
http://archives.neohapsis.com/archives/bugtraq/2002-01/0310.html