Web application abuses : Horde IMP HTML MIME Viewer XSS Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.15393

Categoría: Web application abuses

Título: Horde IMP HTML MIME Viewer XSS Vulnerabilities

Resumen: The target is running at least one instance of Horde IMP whose version number; is between 3.0 and 3.2.5 inclusive.

Descripción: Summary:
The target is running at least one instance of Horde IMP whose version number
is between 3.0 and 3.2.5 inclusive.

Vulnerability Insight:
Such versions are vulnerable to several XSS attacks when viewing HTML messages
with the HTML MIME viewer and certain browsers.

For additional information, see the referenced 3.2.6 release announcement.

Solution:
Upgrade to Horde IMP version 3.2.6 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Copyright Copyright (C) 2003-2004 George A. Theall

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.15393
Categoría:	Web application abuses
Título:	Horde IMP HTML MIME Viewer XSS Vulnerabilities
Resumen:	The target is running at least one instance of Horde IMP whose version number; is between 3.0 and 3.2.5 inclusive.
Descripción:	Summary: The target is running at least one instance of Horde IMP whose version number is between 3.0 and 3.2.5 inclusive. Vulnerability Insight: Such versions are vulnerable to several XSS attacks when viewing HTML messages with the HTML MIME viewer and certain browsers. For additional information, see the referenced 3.2.6 release announcement. Solution: Upgrade to Horde IMP version 3.2.6 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Copyright	Copyright (C) 2003-2004 George A. Theall