cpe:/a:horde:dynamic_imp:1.0 cpe:/a:horde:dynamic_imp:1.0:alpha cpe:/a:horde:dynamic_imp:1.0:rc1 cpe:/a:horde:dynamic_imp:1.0:rc2 cpe:/a:horde:dynamic_imp:1.0:rc3 cpe:/a:horde:dynamic_imp:1.1 cpe:/a:horde:dynamic_imp:1.1:rc1 cpe:/a:horde:dynamic_imp:1.1:rc2 cpe:/a:horde:dynamic_imp:1.1.1 cpe:/a:horde:dynamic_imp:1.1.2 cpe:/a:horde:dynamic_imp:1.1.3 cpe:/a:horde:dynamic_imp:1.1.4 cpe:/a:horde:dynamic_imp:1.1.5 cpe:/a:horde:dynamic_imp:1.1.6 cpe:/a:horde:dynamic_imp:5.0 cpe:/a:horde:dynamic_imp:5.0.1 cpe:/a:horde:dynamic_imp:5.0.2 cpe:/a:horde:dynamic_imp:5.0.3 cpe:/a:horde:dynamic_imp:5.0.4 cpe:/a:horde:dynamic_imp:5.0.5 cpe:/a:horde:dynamic_imp:5.0.6 cpe:/a:horde:dynamic_imp:5.0.7 cpe:/a:horde:dynamic_imp:5.0.8 cpe:/a:horde:dynamic_imp:5.0.9 cpe:/a:horde:dynamic_imp:5.0.10 cpe:/a:horde:dynamic_imp:5.0.11 cpe:/a:horde:dynamic_imp:5.0.12 cpe:/a:horde:dynamic_imp:5.0.13 cpe:/a:horde:dynamic_imp:5.0.14 cpe:/a:horde:dynamic_imp:5.0.15 cpe:/a:horde:dynamic_imp:5.0.16 cpe:/a:horde:dynamic_imp:5.0.17 cpe:/a:horde:groupware_webmail_edition:1.0 cpe:/a:horde:groupware_webmail_edition:1.0:rc1 cpe:/a:horde:groupware_webmail_edition:1.0:rc2 cpe:/a:horde:groupware_webmail_edition:1.0.1 cpe:/a:horde:groupware_webmail_edition:1.0.2 cpe:/a:horde:groupware_webmail_edition:1.0.3 cpe:/a:horde:groupware_webmail_edition:1.0.4 cpe:/a:horde:groupware_webmail_edition:1.0.5 cpe:/a:horde:groupware_webmail_edition:1.0.6 cpe:/a:horde:groupware_webmail_edition:1.0.7 cpe:/a:horde:groupware_webmail_edition:1.0.8 cpe:/a:horde:groupware_webmail_edition:1.1 cpe:/a:horde:groupware_webmail_edition:1.1:rc1 cpe:/a:horde:groupware_webmail_edition:1.1:rc2 cpe:/a:horde:groupware_webmail_edition:1.1:rc3 cpe:/a:horde:groupware_webmail_edition:1.1:rc4 cpe:/a:horde:groupware_webmail_edition:1.1.1 cpe:/a:horde:groupware_webmail_edition:1.1.2 cpe:/a:horde:groupware_webmail_edition:1.1.3 cpe:/a:horde:groupware_webmail_edition:1.1.4 cpe:/a:horde:groupware_webmail_edition:1.1.5 cpe:/a:horde:groupware_webmail_edition:1.1.6 cpe:/a:horde:groupware_webmail_edition:1.2 cpe:/a:horde:groupware_webmail_edition:1.2:rc1 cpe:/a:horde:groupware_webmail_edition:1.2.1 cpe:/a:horde:groupware_webmail_edition:1.2.2 cpe:/a:horde:groupware_webmail_edition:1.2.3 cpe:/a:horde:groupware_webmail_edition:1.2.3:rc1 cpe:/a:horde:groupware_webmail_edition:1.2.4 cpe:/a:horde:groupware_webmail_edition:1.2.5 cpe:/a:horde:groupware_webmail_edition:1.2.6 cpe:/a:horde:groupware_webmail_edition:1.2.7 cpe:/a:horde:groupware_webmail_edition:1.2.8 cpe:/a:horde:groupware_webmail_edition:1.2.9 cpe:/a:horde:groupware_webmail_edition:1.2.10 cpe:/a:horde:groupware_webmail_edition:4.0 cpe:/a:horde:groupware_webmail_edition:4.0:rc1 cpe:/a:horde:groupware_webmail_edition:4.0:rc2 cpe:/a:horde:groupware_webmail_edition:4.0.1 cpe:/a:horde:groupware_webmail_edition:4.0.2 cpe:/a:horde:groupware_webmail_edition:4.0.3 cpe:/a:horde:groupware_webmail_edition:4.0.4 cpe:/a:horde:groupware_webmail_edition:4.0.5 cpe:/a:horde:imp:2.0 cpe:/a:horde:imp:2.2 cpe:/a:horde:imp:2.2.1 cpe:/a:horde:imp:2.2.2 cpe:/a:horde:imp:2.2.3 cpe:/a:horde:imp:2.2.4 cpe:/a:horde:imp:2.2.5 cpe:/a:horde:imp:2.2.6 cpe:/a:horde:imp:2.2.7 cpe:/a:horde:imp:2.2.8 cpe:/a:horde:imp:2.3 cpe:/a:horde:imp:3.0 cpe:/a:horde:imp:3.1 cpe:/a:horde:imp:3.1.2 cpe:/a:horde:imp:3.2 cpe:/a:horde:imp:3.2.1 cpe:/a:horde:imp:3.2.2 cpe:/a:horde:imp:3.2.3 cpe:/a:horde:imp:3.2.4 cpe:/a:horde:imp:3.2.5 cpe:/a:horde:imp:3.2.6 cpe:/a:horde:imp:3.2.7 cpe:/a:horde:imp:3.2.7:rc1 cpe:/a:horde:imp:4.0 cpe:/a:horde:imp:4.0.1 cpe:/a:horde:imp:4.0.2 cpe:/a:horde:imp:4.0.3 cpe:/a:horde:imp:4.0.4 cpe:/a:horde:imp:4.1.3 cpe:/a:horde:imp:4.1.5 cpe:/a:horde:imp:4.1.6 cpe:/a:horde:imp:4.2 cpe:/a:horde:imp:4.2.1 cpe:/a:horde:imp:4.2.2 cpe:/a:horde:imp:4.3 cpe:/a:horde:imp:4.3.1 cpe:/a:horde:imp:4.3.2 cpe:/a:horde:imp:4.3.3 cpe:/a:horde:imp:4.3.4 cpe:/a:horde:imp:4.3.5 cpe:/a:horde:imp:4.3.6 cpe:/a:horde:imp:4.3.7 cpe:/a:horde:imp:4.3.8 cpe:/a:horde:imp:4.3.9 cpe:/a:horde:imp:5.0 cpe:/a:horde:imp:5.0:alpha1 cpe:/a:horde:imp:5.0:beta1 cpe:/a:horde:imp:5.0:rc1 cpe:/a:horde:imp:5.0:rc2 cpe:/a:horde:imp:5.0.1 cpe:/a:horde:imp:5.0.2 cpe:/a:horde:imp:5.0.3 cpe:/a:horde:imp:5.0.4-git CVE-2012-0791 2012-01-24T13:55:01.440-05:00 2018-01-17T21:29:07.287-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2012-01-25T10:05:00.000-05:00 SECTRACK 1026553 SECTRACK 1026554 SECUNIA 47580 SECUNIA 47592 BID 51586 DEBIAN DSA-2485 MLIST [oss-security] 20120121 Re: Re: CVE Request -- Horde IMP -- Multiple XSS flaws CONFIRM http://www.horde.org/apps/imp/docs/CHANGES CONFIRM http://www.horde.org/apps/imp/docs/RELEASE_NOTES CONFIRM http://www.horde.org/apps/webmail/docs/CHANGES CONFIRM http://www.horde.org/apps/webmail/docs/RELEASE_NOTES Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.