Cross-Site Scripting Vulnerability in IMP and HORDE Products
CVE-2002-0181

Currently unrated

Key Information:

Vendor

Horde

Status
Vendor
CVE Published:
22 April 2002

What is CVE-2002-0181?

A cross-site scripting vulnerability exists in the status.php3 script used by IMP 2.2.8 and HORDE 1.2.7. This flaw allows remote attackers to inject arbitrary web scripts into the page, which can lead to cookie theft from users of the impacted versions. Delivery of such scripts is facilitated through the manipulation of script parameters, making it essential for users to secure their applications from potential exploitation.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.