2 matches found
CVE-2012-0791
CVE-2012-0791 is a set of cross-site scripting (XSS) vulnerabilities in Horde IMP and Horde Groupware Webmail Edition. The NVD description specifies XSS vectors via composeCache, rtemode, filename_* on the compose page; the contacts popup formname; and IMAP mailbox names. Affected products/versio...
CVE-2010-3693
CVE-2010-3693 is an XSS vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5 and Horde Groupware Webmail Edition before 1.2.7. It allows remote attackers to inject arbitrary web script or HTML via vectors related to displaying mailbox names. The documents do not specify exploitation status or c...