3 matches found
Horde IMP 4.3.7 Cross Site Scripting
Hi, Horde IMP v4.3.7 and lower are subject to a cross site scripting XSS vulnerability: The fetchmailprefs.php script fails to properly sanitize user supplied input to the 'fmid' URL parameter. If exploited, injected code will be persistent persistent XSS and will execute once the user manually...
XSS in Horde IMP <=4.3.7, fetchmailprefs.php
Hi, Horde IMP v4.3.7 and lower are subject to a cross site scripting XSS vulnerability: The fetchmailprefs.php script fails to properly sanitize user supplied input to the 'fmid' URL parameter. If exploited, injected code will be persistent persistent XSS and will execute once the user manually...
horde -- remote code execution vulnerability in the help viewer
Horde 3.1.1 release announcement: Major changes compared to Horde 3.1 are: Fix for remote code execution vulnerability in the help viewer, discovered by Jan Schneider from the Horde team...