XSS Vulnerability in Horde Internet Mail Program Affecting Horde Groupware Webmail Edition
CVE-2012-6640
Currently unrated
What is CVE-2012-6640?
A cross-site scripting (XSS) vulnerability exists in the Horde Internet Mail Program (IMP) prior to version 5.0.22, as utilized in the Horde Groupware Webmail Edition before version 4.0.9. This vulnerability enables remote attackers to exploit the system by injecting arbitrary web script or HTML through a specially crafted SVG image attachment. This poses a significant security risk as it can lead to unauthorized access and manipulation of user sessions or data.
