Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka fmpassword), or (3) server (aka fmserver) field in a fetchmail_prefs_save action, related to the Fetchmail configuration, a different issue than CVE-2010-3695. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Horde IMP和Groupware Webmail多个跨站脚本攻击漏洞
Vulnerability Description
IMP是一款基于Web的邮件程序,由Horde项目组开发,可用在Linux/Unix或Microsoft Windows操作系统下。 Horde IMP 4.3.8之前版本,以及Horde Groupware Webmail Edition 1.2.7之前版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助与Fetchmail配置有关的fetchmail_prefs_save操作的多个字段,注入任意web脚本或者HTML。这些字段包括:(1)username(又名fmusername),(2)passwor
CVSS Information
N/A
Vulnerability Type
N/A