cbcvebase.
CVE-2006-4255
published 2006-08-21

CVE-2006-4255: Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML…

PriorityP414medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.62%
73.1th percentile
Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP search screen.

Affected

39 ranges· showing 25
VendorProductVersion rangeFixed in
hordegroupware
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordehorde
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
hordeimp
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.