The current version of SquirrelMail provided by DA is vulnerable by multiple issues:
CVE-2018-14950, CVE-2018-14951, CVE-2018-14952, CVE-2018-14953, CVE-2018-14954, CVE-2018-14955
They are all patched via:
https://sourceforge.net/p/squirrelmail/code/14804
and
https://sourceforge.net/p/squirrelmail/code/14806
Please pull the latest stable version of SquirrelMail via:
https://sourceforge.net/p/squirrelmail/code/HEAD/tree/branches/SM-1_4-STABLE/
CVE-2018-14950, CVE-2018-14951, CVE-2018-14952, CVE-2018-14953, CVE-2018-14954, CVE-2018-14955
They are all patched via:
https://sourceforge.net/p/squirrelmail/code/14804
and
https://sourceforge.net/p/squirrelmail/code/14806
Please pull the latest stable version of SquirrelMail via:
https://sourceforge.net/p/squirrelmail/code/HEAD/tree/branches/SM-1_4-STABLE/