Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
References 10 Total
- lists.opensuse.org: SUSE-SR:2009:007 vendor-advisory
- secunia.com: 33719 third-party-advisory
- debian.org: DSA-1770 vendor-advisory
- http://cvs.horde.org/co.php/imp/docs/CHANGES?r=1.699.2.375
- secunia.com: 34418 third-party-advisory
- http://cvs.horde.org/co.php/imp/docs/CHANGES?r=1.699.2.301.2.3
- lists.horde.org: [announce] 20090127 IMP 4.2.2 (final) mailing-list
- secunia.com: 34703 third-party-advisory
- lists.horde.org: [announce] 20090127 IMP 4.3.3 (final) mailing-list
- securityfocus.com: 33492 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 10 Total
- lists.opensuse.org: SUSE-SR:2009:007 vendor-advisoryx_transferred
- secunia.com: 33719 third-party-advisoryx_transferred
- debian.org: DSA-1770 vendor-advisoryx_transferred
- http://cvs.horde.org/co.php/imp/docs/CHANGES?r=1.699.2.375 x_transferred
- secunia.com: 34418 third-party-advisoryx_transferred
- http://cvs.horde.org/co.php/imp/docs/CHANGES?r=1.699.2.301.2.3 x_transferred
- lists.horde.org: [announce] 20090127 IMP 4.2.2 (final) mailing-listx_transferred
- secunia.com: 34703 third-party-advisoryx_transferred
- lists.horde.org: [announce] 20090127 IMP 4.3.3 (final) mailing-listx_transferred
- securityfocus.com: 33492 vdb-entryx_transferred