Cross-site Scripting Vulnerability in Horde IMP and Horde Groupware Webmail Edition
CVE-2010-3695
Currently unrated
What is CVE-2010-3695?
An XSS vulnerability exists in fetchmailprefs.php within Horde IMP and Horde Groupware Webmail Edition. This flaw enables remote attackers to inject arbitrary web scripts or HTML through the fm_id parameter during a fetchmail_prefs_save action, impacting the security of the affected systems. Prompt updates to the latest versions can mitigate this vulnerability.
