Multiple XSS Vulnerabilities in Horde IMP and Groupware Webmail Edition
CVE-2010-4778
Currently unrated
What is CVE-2010-4778?
Horde IMP and Horde Groupware Webmail Edition are susceptible to multiple XSS vulnerabilities through the fetchmailprefs.php script. These vulnerabilities occur when users can inject arbitrary web scripts or HTML into the fields for username, password, and server during the fetchmail_prefs_save action. This exploit could allow remote attackers to execute malicious scripts within the context of a user's session, potentially compromising sensitive data and user authentication.
