Horde IMP status.php3 XSS Vulnerability

Horde IMP is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:horde:imp";...

Horde IMP status.php3 XSS

The remote host is running at least one instance of Horde IMP in which the status.php3 script is vulnerable to a cross site scripting attack since information passed to it is not properly sanitized. OpenVAS Vulnerability Test $Id: impstatusxss.nasl 6053 2017-05-01 09:02:51Z teissa $ Description:...

Horde IMP status.php3 script Parameter XSS

The remote host is running at least one instance of Horde IMP in which the 'status.php3' script is vulnerable to a cross-site scripting attack since information passed to it is not properly sanitized. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

CVE-2002-0181

CVE-2002-0181 — Horde IMP status.php3 XSS is confirmed in connected OpenVAS/NVD entries. The vulnerability arises in the status.php3 parameter handling of IMP 2.2.8 and HORDE 1.2.7, where user-supplied data is not properly sanitized, enabling cross-site scripting and potential cookie theft when a...

CVE-2002-0181

Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter...