Cross-Site Scripting Vulnerabilities in Horde IMP Webmail Client
CVE-2007-1515
Currently unrated
What is CVE-2007-1515?
Horde IMP Webmail Client versions 4.1.3 and earlier are susceptible to multiple cross-site scripting vulnerabilities. Attackers can exploit these vulnerabilities to inject arbitrary web scripts or HTML into email communications through various parameters, such as the Subject header and the edit_query parameter in search.php. This exploitation could potentially allow unauthorized actions to be performed in the context of the affected user, leading to data leakage and other security concerns.
