Back to search
CVE-2007-1515
Published: Mar 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via (1) the email Subject header in thread.php, (2) the edit_query parameter in search.php, or other unspecified parameters in search.php. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1017774
vdb-entry
x_refsource_SECTRACK
20070315 Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues
mailing-list
x_refsource_FULLDISC
[announce] 20070314 IMP H3 (4.1.4) (final)
mailing-list
x_refsource_MLIST
20070315 Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues
mailing-list
x_refsource_BUGTRAQ
ADV-2007-0964
vdb-entry
x_refsource_VUPEN
24541
third-party-advisory
x_refsource_SECUNIA
22975
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now