CVE-2025-30349 - Horde IMP Cross-Site Scripting XSS Vulnerability
CVE-2025-30349 - Horde IMP Cross-Site Scripting XSS Vulnerability
CVE ID : CVE-2025-30349 Published : March 21, 2025, 5:15 p.m. | 11 hours, 30 minutes ago Description : Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript
CVE ID : CVE-2025-30349
Published : March 21, 2025, 5:15 p.m. | 11 hours, 30 minutes ago
Description : Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…