1 results (0.006 seconds)
CVSS: 6.1EPSS: 0%CPEs: 31EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 31EXPL: 0CVE-2012-5565
https://notcve.org/view.php?id=CVE-2012-5565
05 Apr 2014 — Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted name for an attached file, related to the dynamic view. Vulnerabilidad de XSS en js/compose-dimp.js en Horde Internet Mail Program (IMP) anterior a 5.0.24, utilizado en Horde Groupware Webmail Edition anterior a 4.0.9, permite a atacantes remotos inyectar script ... • http://lists.horde.org/archives/announce/2012/000833.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •