Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/03 12:0 a.m.11 views

Debian dla-4113 : php-horde-imp - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4113 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4113-1 [email protected] https://www.debian.org/lts/security/...

7.2CVSS5.4AI score0.30164EPSS
Exploits0References4
Circl
Circl
added 2025/03/21 5:19 p.m.23 views

CVE-2025-30349

creationtimestamp| type| source ---|---|--- 2025-03-21 17:19:13+00:00| exploited| https://t.me/DarkWebInformerCVEAlerts/8376 2025-03-21 20:09:28+00:00| exploited| https://t.me/cvedetector/20828 2025-03-22 21:01:54+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lkymr5yh3g2f...

7.2CVSS5.8AI score0.30164EPSS
Exploits0References6
NVD
NVD
added 2025/03/21 5:15 p.m.17 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS0.30164EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2025/03/21 5:15 p.m.11 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS5.8AI score0.30164EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/21 12:0 a.m.15 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS6.6AI score0.30164EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2025/03/21 12:0 a.m.37 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS5.1AI score0.30164EPSS
Exploits0
Cvelist
Cvelist
added 2025/03/21 12:0 a.m.325 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS0.30164EPSS
Exploits0References13
CVE
CVE
added 2025/03/21 12:0 a.m.109 views

CVE-2025-30349

CVE-2025-30349 affects Horde IMP (webmail) up to version 6.2.27 used with Horde Application Framework up to 5.2.23. The issue is an XSS via a crafted text/html email containing an onerror attribute (potentially base64-encoded JavaScript), leading to account takeover. Exploitation was observed in ...

7.2CVSS6.6AI score0.30164EPSS
Exploits0References14
OSV
OSV
added 2025/03/21 12:0 a.m.14 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS6AI score0.30164EPSS
Exploits0References16
Rows per page
Query Builder