FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

horde-imp -- XSS vulnerability

Affected packages
4.2,1 < horde-imp < 4.3.8,1
horde-imp < 4.3.8

Details

VuXML ID 6c4db192-cb23-11df-9c1b-0011098ad87f
Discovery 2010-09-28
Entry 2010-09-28
Modified 2011-09-23

The Horde team reports:

Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability.

The major changes compared to IMP version H3 (4.3.7) are:

* Fixed an XSS vulnerability in the Fetchmail configuration.

[source]

References

URL http://article.gmane.org/gmane.comp.horde.announce/516
URL http://git.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.