Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in the MIME library in Horde 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of a MIME attachment in an e-mail message.
AV:N/AC:M/Au:N/C:N/I:P/A:NHorde
APPHorde3.23.2.1
Related vulnerabilities
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP betwee...
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba ...
The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows...
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to exe...
The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to sc...