Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
horde horde 1.2.7 |
||
horde imp 2.2.8 |