Horde IMP Encoded Cross-Agent Scripting Vulnerability

IMP is a powerful web-based mail interface/client developed by members of the Horde project. Horde Application Framework provides support for dealing with things like preferences, compression, browser detection, connection tracking, etc.

Web users may use the webmail interface to send E-mail containing malicious JavaScript commands. The malicious commands will be executed in the browser of the user receiving the e-mail.


 

Privacy Statement
Copyright 2010, SecurityFocus