Cross-Site Scripting Vulnerability in Horde-IMP by Horde
CVE-2004-1443

Currently unrated

Key Information:

Vendor

Horde

Status
Vendor
CVE Published:
31 December 2004

What is CVE-2004-1443?

The vulnerability permits attackers to inject arbitrary web scripts or HTML into the inline MIME viewer of Horde-IMP when accessed using Internet Explorer. This occurs in versions 3.2.4 and earlier, allowing potential exploitation through malicious email messages. Attackers can leverage this flaw to execute unwanted scripts in users' browsers, which may lead to various security risks, including information theft and session hijacking.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.