3 matches found
CVE-2010-4778
Multiple cross-site scripting XSS vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the 1 username aka fmusername, 2 password aka fmpassword, or 3 server aka fmserver...
CVE-2010-4778
Horde IMP prior to 4.3.8 and Horde Groupware Webmail Edition prior to 1.2.7 contain multiple XSS vulnerabilities in fetchmailprefs.php (fetchmail_prefs_save action). The issues allow remote attackers to inject arbitrary web script or HTML via vulnerable fields, specifically (for CVE-2010-4778) th...
Horde IMP Webmail 'fetchmailprefs.php' HTML Injection Vulnerability
Horde IMP Webmail is prone to an HTML injection vulnerability because it fails to sufficiently sanitize user-supplied data before it is used in dynamic content. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...