Horde IMP Status.php3 XSS Network Vulnerability

Summary

The remote host is running at least one instance of Horde IMP in which the status.php3 script is vulnerable to a cross site scripting attack since information passed to it is not properly sanitized.

Solution

Upgrade to IMP version 2.2.8 or later.

Severity

Classification

CVE CVE-2002-0181

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Athena Web Registration remote command execution flaw
Apache Struts2 Redirection and Security Bypass Vulnerabilities
AjaxPortal 'di.php' File Inclusion Vulnerability
ActivePerl perlIS.dll Buffer Overflow
appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities

Horde IMP status.php3 XSS

Take action and discover your vulnerabilities