IMP thread.php Email Subject Header XSS

2007-03-15T11:07:11
ID OSVDB:34078
Type osvdb
Reporter OSVDB
Modified 2007-03-15T11:07:11

Description

Solution Description

Upgrade to version 4.1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Security Tracker: 1017774 Secunia Advisory ID:24541 Related OSVDB ID: 34079 Other Advisory URL: http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052977.html Other Advisory URL: http://lists.horde.org/archives/announce/2007/000316.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0190.html FrSIRT Advisory: ADV-2007-0964 CVE-2007-1515 Bugtraq ID: 22975