CVE-2010-3695

Cross-site scripting XSS vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fmid parameter in a fetchmailprefssave action, related to the Fetchmail configuration...

CVE-2010-3695

CVE-2010-3695 is a cross-site scripting (XSS) vulnerability in Horde IMP (before 4.3.8) and Horde Groupware Webmail Edition (before 1.2.7). The flaw allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in the fetchmail_prefs_save action (Fetchmail configuration)....

Horde IMP Webmail 'fetchmailprefs.php' HTML Injection Vulnerability

Horde IMP Webmail is prone to an HTML injection vulnerability because it fails to sufficiently sanitize user-supplied data before it is used in dynamic content. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

CVE-2010-3695

creationtimestamp| type| source ---|---|--- 2010-09-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34773...