CVE-2020-14932: squirrelmail: use of unserialize function for the mailtodata value in compose.php

Severity: Critical

CVSS Score: 9.8

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.