Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted name for an attached file, related to the dynamic view.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Horde Internet Mail Program 跨站脚本漏洞
Vulnerability Description
Horde Groupware Webmail Edition是美国Horde公司的一款免费的基于通信套件的企业浏览器,它支持读取、发送电子邮件,管理和共享日历、联系人等。Horde Internet Mail Program(IMP)是其中的一个基于PHP的用于访问IMAP和POP3邮件帐户的互联网通讯程序。 Horde Groupware Webmail Edition 4.0.8及之前版本中使用的Horde IMP 5.0.23及之前版本中的js/compose-dimp.js文件存在跨站脚本漏洞。
CVSS Information
N/A
Vulnerability Type
N/A