[imp] Horde v 5.2.22 vulnerability – obfuscation via HTML encoding – XSS payload

The vulnerability was tested on latest version as stated here: https://www.horde.org/download/imp, but with applied patches: Horde 5.2.23 IMP 6.2.27 Regards. -- imp mailing list Frequently Asked Questions: http://wiki.horde.org/FAQ To unsubscribe, mail: imp-unsubscr...@lists.horde.org

Re: [imp] Horde v 5.2.22 vulnerability – obfuscation via HTML encoding – XSS payload

Hi, is Horde 5.2.23 / 5.2.24 affected? azurit Citát "Nataša K. Arh" : Hi. I forgot to mention that currently the fastest way to mitigate the vulnerability is to disable HTML email view and enable only text/plain view of the email content. Regards, Tasha & Vito On Fri, Mar 21, 2025 at 9