Cross-Site Scripting Vulnerability in Horde IMP Email Client
CVE-2006-4255
Currently unrated
What is CVE-2006-4255?
The vulnerability in the Horde IMP email client allows remote attackers to exploit Cross-Site Scripting (XSS) by injecting arbitrary web scripts or HTML into the vfolder_label form field within the search interface. This can be done through various unspecified vectors related to folder names, posing a significant security risk to users and systems relying on this application. Users of Horde IMP versions prior to 4.1.3 are particularly susceptible and should take immediate measures to upgrade to mitigate this risk.
