Path Traversal Flaw in Horde IMP Affects Configuration Files
CVE-2026-58451
7.1 HIGH
What is CVE-2026-58451?
CVE-2026-58451 is a path traversal vulnerability in Horde IMP. Improper validation in lib/Compose.php allows an authenticated attacker to read arbitrary files from the server's filesystem by embedding traversal sequences after the expected CKEditor path prefix in img src URLs. The traversal sequences bypass the prefix validation, the resulting path is read with file_get_contents(), and the file contents can then be sent out as MIME parts in emails. Unauthenticated exploitation is also possible through cross-site request forgery (CSRF) that targets active authenticated sessions.
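The weakness class described above, as an added PHP example that is not code from Horde IMP or its fix: a prefix-only check next to a check that canonicalizes the path before reading it. The prefix value, directory layout, and function names are hypothetical, and the sample files are constructed for the demonstration.

```php
<?php
// Added illustration, not Horde IMP code. EDITOR_PREFIX and the directory
// layout are hypothetical stand-ins for the expected editor path prefix.
const EDITOR_PREFIX = '/editor/uploads/';

// Weak pattern: accepts any path that merely starts with the prefix.
function prefix_only_check(string $urlPath): bool
{
    return strncmp($urlPath, EDITOR_PREFIX, strlen(EDITOR_PREFIX)) === 0;
}

// Hardened: decode, canonicalize on disk, then require containment in $baseDir.
function resolve_inside(string $urlPath, string $baseDir): ?string
{
    $base = realpath($baseDir);
    if ($base === false || !prefix_only_check($urlPath)) {
        return null;
    }
    $relative = rawurldecode(substr($urlPath, strlen(EDITOR_PREFIX)));
    if (strpos($relative, "\0") !== false) {
        return null; // NUL bytes are never valid in a file path
    }
    $real = realpath($base . DIRECTORY_SEPARATOR . $relative);
    // Trailing separator stops /base from matching /base-other.
    $root = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($real === false || strncmp($real, $root, strlen($root)) !== 0 || !is_file($real)) {
        return null;
    }
    return $real; // only this canonical path may be passed to file_get_contents()
}

// Constructed sample: a temp upload directory and a file outside it.
$tmp = sys_get_temp_dir() . '/imp_demo_' . bin2hex(random_bytes(4));
mkdir("$tmp/uploads", 0700, true);
file_put_contents("$tmp/uploads/logo.png", 'img');
file_put_contents("$tmp/secret.conf", 'secret');

$samples = ['/editor/uploads/logo.png', '/editor/uploads/../secret.conf',
            '/editor/uploads/%2e%2e/secret.conf'];
foreach ($samples as $src) {
    printf("%-38s prefix_only=%-5s hardened=%s\n", $src,
        var_export(prefix_only_check($src), true),
        var_export(resolve_inside($src, "$tmp/uploads") !== null, true));
}
```

All three sample paths pass the prefix-only check, while the canonicalizing check accepts only the file that actually resides inside the upload directory.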
Affected Version(s)
imp 0
