horde -- multiple vulnerabilities

2008-09-10T00:00:00
ID 7D239578-7FF2-11DD-8DE5-0030843D3802
Type freebsd
Reporter FreeBSD
Modified 2008-10-03T00:00:00

Description

Secunia reports:

Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious people to conduct script insertion attacks Input via MIME attachment linking is not properly sanitised in the MIME library before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session if e.g. a malicious email is viewed. Certain unspecified input in HTML messages is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script in a user's browser session if e.g. a malicious HTML email is viewed.