Vulnerabilities > Horde > IMP > 3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-1443 | HTML Injection vulnerability in Horde IMP HTML+TIME Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message. network horde | 4.3 |
2004-08-06 | CVE-2004-0584 | HTML Injection vulnerability in Horde IMP Email Header Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability. network horde | 6.8 |