CVE-2011-2023 on Ubuntu 12.04 LTS (precise) - low.
Description:
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.