Imp
Monthly
Arbitrary file disclosure in Horde IMP webmail before 7.0.1 lets an authenticated user read any file the web server can access by planting directory-traversal sequences after a CKEditor path prefix inside an image src URL when composing mail. A weak stripos() prefix check fails to block traversal appended after the allowed prefix, so file_get_contents() pulls in files like /etc/passwd or configuration secrets and attaches them as MIME parts on the outgoing message. No public exploit identified at time of analysis, but VulnCheck published an advisory and the flaw is CSRF-triggerable against a live session, raising practical exposure for internet-facing Horde deployments.
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Arbitrary file disclosure in Horde IMP webmail before 7.0.1 lets an authenticated user read any file the web server can access by planting directory-traversal sequences after a CKEditor path prefix inside an image src URL when composing mail. A weak stripos() prefix check fails to block traversal appended after the allowed prefix, so file_get_contents() pulls in files like /etc/passwd or configuration secrets and attaches them as MIME parts on the outgoing message. No public exploit identified at time of analysis, but VulnCheck published an advisory and the flaw is CSRF-triggerable against a live session, raising practical exposure for internet-facing Horde deployments.
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.