XSS in Horde Groupware

CVE-2010-4778

Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (49.9th percentile) — read the EPSS interpretation.