Path Traversal Flaw in Horde IMP Affects Configuration Files
CVE-2026-58451

7.1 HIGH

Key Information:

Vendor

Horde

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-58451?

CVE-2026-58451 is a path traversal vulnerability in Horde IMP. Improper validation in lib/Compose.php allows authenticated attackers to read arbitrary files from the server's filesystem by embedding traversal sequences after the expected CKEditor path prefix in img src URLs. The traversal sequences bypass the prefix validation, and the resulting path is read with file_get_contents(), so the contents of sensitive files can be sent out as MIME parts in emails. Unauthenticated exploitation is also possible through cross-site request forgery (CSRF) that targets active authenticated sessions.
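The weakness class described above, shown as an added example that is not Horde's code: a prefix-only check next to a check that decodes, canonicalises and then enforces containment. The prefix `/editor/uploads/`, the function names and the demo directory tree are hypothetical.

```php
<?php
// Added example, not Horde's code. Requires PHP 8+. UPLOAD_PREFIX, the function
// names and the directory layout are hypothetical.
const UPLOAD_PREFIX = '/editor/uploads/';

/** Part of the URL path after the expected prefix, or null if the prefix is absent. */
function relativePart(string $src): ?string
{
    $path = parse_url($src, PHP_URL_PATH);
    if (!is_string($path) || !str_starts_with($path, UPLOAD_PREFIX)) {
        return null;
    }
    return substr($path, strlen(UPLOAD_PREFIX));
}

/** Weak: trusts everything after the prefix, so "../" walks out of $baseDir. */
function resolveWeak(string $src, string $baseDir): ?string
{
    $rel = relativePart($src);
    return $rel === null ? null : $baseDir . '/' . $rel;
}

/** Hardened: decode, canonicalise, then require the result to sit under $baseDir. */
function resolveStrict(string $src, string $baseDir): ?string
{
    $rel = relativePart($src);
    $rel = $rel === null ? null : rawurldecode($rel);
    if ($rel === null || str_contains($rel, "\0")) {
        return null;                           // PHP 8 filesystem calls throw on NUL bytes
    }
    $base = realpath($baseDir);
    $real = realpath($baseDir . '/' . $rel);   // resolves "..", "." and symlinks
    if ($base === false || $real === false || !is_file($real)) {
        return null;
    }
    return str_starts_with($real, $base . DIRECTORY_SEPARATOR) ? $real : null;
}

// Constructed demo tree: one legitimate upload, one file outside the upload directory.
$root = sys_get_temp_dir() . '/imp_demo_' . bin2hex(random_bytes(4));
mkdir("$root/uploads", 0700, true);
file_put_contents("$root/uploads/logo.png", 'constructed image bytes');
file_put_contents("$root/app.conf", 'constructed config');
foreach (['/editor/uploads/logo.png', '/editor/uploads/../app.conf',
          '/editor/uploads/%2e%2e/app.conf'] as $src) {
    $weak = resolveWeak($src, "$root/uploads");
    printf("%-34s weak=%-8s strict=%s\n", $src, is_file($weak) ? 'reads' : 'no file',
        resolveStrict($src, "$root/uploads") === null ? 'rejected' : 'accepted');
}
```

The containment test compares canonical paths with a trailing directory separator, so a sibling directory whose name merely starts with the base directory's name is not accepted.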

Affected Version(s)

imp 0

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

evan
VulnCheck