[pkg-horde] Bug#415117: imp4: XSS vulnerability in search screen
and thread view
Lionel Elie Mamane
lionel at mamane.lu
Fri Mar 16 08:33:26 CET 2007
Package: imp4
Version: 4.0.2-1
Severity: grave
Tags: security
Justification: security hole when package used
Upstream changelog of new version says:
This (..) fixes two cross site scripting vulnerabilities.
Major changes compared to the IMP H3 (4.1.4-RC1) version are:
* Fixed XSS vulnerabilities in the search screen and thread view.
Sarge may or may not be vulnerable, I haven't checked yet.x
More information about the pkg-horde-hackers
mailing list