Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parents frame page title.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Imp | Horde | * | 3.2.2 |
Imp | Horde | 3.2.4 | 3.2.4 |
Imp | Horde | 3.2.7_rc1 | 3.2.7_rc1 |
Imp | Horde | 3.2.3 | 3.2.3 |
Imp | Horde | 3.2.5 | 3.2.5 |
Imp | Horde | 3.2.6 | 3.2.6 |
Imp | Horde | 3.2.7 | 3.2.7 |