Horde Vulnerabilities Allow Launching of Script Injection & XSS Attacks
According to news published by Secunia on June 16, 2008, some security flaws in various Horde products have been reported that malicious users could exploit to launch script injection as well as cross-site scripting (XSS) attacks.
Horde, a Web application with an open-source framework, is based on Hypertext Preprocessor or PHP. It offers widely used applications like the Horde Interface Message Processor (IMP) mail client used as a wiki and groupware solution.
Reports coming to Secunia revealed that the first flaw relates to the input passed through Horde products. According to experts, when the input is transmitted to different item names without properly sanitizing or cleaning it, the flaw occurs. This flaw could be exploited to inject arbitrary script code and HyperText M...
» SPAMfighter News - 7/1/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!