CVE Vulnerabilities

CVE-2004-0584

Published: Aug 06, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a security fix, does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability.

Affected Software

Name Vendor Start Version End Version
Imp Horde 2.0 2.0
Imp Horde 2.2 2.2
Imp Horde 2.2.1 2.2.1
Imp Horde 2.2.2 2.2.2
Imp Horde 2.2.3 2.2.3
Imp Horde 2.2.4 2.2.4
Imp Horde 2.2.5 2.2.5
Imp Horde 2.2.6 2.2.6
Imp Horde 2.2.7 2.2.7
Imp Horde 2.2.8 2.2.8
Imp Horde 2.3 2.3
Imp Horde 3.0 3.0
Imp Horde 3.1 3.1
Imp Horde 3.1.2 3.1.2
Imp Horde 3.2 3.2
Imp Horde 3.2.1 3.2.1
Imp Horde 3.2.2 3.2.2
Imp Horde 3.2.3 3.2.3

References