VULHUB ™

Reportedly Horde IMP is affected by an HTML injection vulnerability due to insufficient sanitization of HTML+TIME script. An attacker can exploit this issue to gain access to an unsuspecting user's cookie based authentication credentials; disclosure of personal email is possible. Other attacks are also possible.

Reportedly Horde IMP is affected by an HTML injection vulnerability due to insufficient sanitization of HTML+TIME script. An attacker can exploit this issue to gain access to an unsuspecting user's cookie based authentication credentials; disclosure of personal email is possible. Other attacks are also possible.