CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Horde: >> Imp >> 5.0.11 Security Vulnerabilities

CVE-2012-5565

Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted name for an attached file, related to the dynamic view.

CVSS Score

4.3

EPSS Score

0.003

Published

2014-04-05

CVE-2012-6640

Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565.

CVSS Score

4.3

EPSS Score

0.003

Published

2014-04-05

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved