Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
A victims' web browser, running a previously authenticated IMP session, may be forced into loading a custom crafted URL pointing to the email search function. The payload will cause the client side script code contained in the specially crafted URL to be executed in the security context of the domain the vulnerable copy of IMP is accessed through. This allows for mounting XSS attacks. Reproducible: Always Steps to Reproduce: POC: [Base_HREF]/horde/imp/search.php?edit_query=%22%3E%3Cscript%3Ealert%28'XSS'%29%3C/script%3E%3Cx=%22
(In reply to comment #0) > A victims' web browser, running a previously authenticated IMP session, > may be forced into loading a custom crafted URL pointing to the email > search function. The payload will cause the client side script code > contained in the specially crafted URL to be executed in the security > context of the domain the vulnerable copy of IMP is accessed through. > This allows for mounting XSS attacks. > > Reproducible: Always > > Steps to Reproduce: > POC: > > [Base_HREF]/horde/imp/search.php?edit_query=%22%3E%3Cscript%3Ealert%28'XSS'%29%3C/script%3E%3Cx=%22 > i read now, about this bug in a security full disclosure that horde-imp-4.1.4 vuln too (now latest version in portage is 4.1.3)
Vapier/webapps please advise.
seems patched
Patched upstream or in Portage?
*** Bug 170979 has been marked as a duplicate of this bug. ***
*** Bug 175518 has been marked as a duplicate of this bug. ***
horde-4.1.4 now in portage
Arches please test and mark stable. Target keywords are: horde-imp-4.1.4.ebuild:KEYWORDS="alpha amd64 hppa ppc sparc x86"
x86 happy
Stable for HPPA.
sparc stable.
ppc stable
stable on alpha
waiting "amd" and then pls vote for GLSA.
amd64 stable
Please vote for GLSA.
I tend to vote NO.
i do vote no
me too.., bug CLOSED
