Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=brightgreen)
Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
- https://github.com/natasaka/CVE-2025-30349/
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/natasaka/CVE-2025-30349
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/w4zu/Debian_security