Candidate: CVE-2014-4945
PublicDate: 2014-07-14 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4945
 https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES
 https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES
 http://secunia.com/advisories/59772
 http://secunia.com/advisories/59770
 http://lists.horde.org/archives/announce/2014/001025.html
 http://lists.horde.org/archives/announce/2014/001019.html
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail
 Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition
 before 5.1.5, allow remote attackers to inject arbitrary web script or HTML
 via an unspecified flag in the basic (1) mailbox or (2) message view.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_php-horde-imp:
upstream_php-horde-imp: released (6.2.0-1)
lucid_php-horde-imp: DNE
precise_php-horde-imp: DNE
precise/esm_php-horde-imp: DNE
trusty_php-horde-imp: ignored (reached end-of-life)
trusty/esm_php-horde-imp: DNE (trusty was needs-triage)
utopic_php-horde-imp: ignored (reached end-of-life)
vivid_php-horde-imp: ignored (reached end-of-life)
vivid/stable-phone-overlay_php-horde-imp: DNE
vivid/ubuntu-core_php-horde-imp: DNE
wily_php-horde-imp: ignored (reached end-of-life)
xenial_php-horde-imp: not-affected (6.2.12-1ubuntu1)
yakkety_php-horde-imp: ignored (reached end-of-life)
zesty_php-horde-imp: ignored (reached end-of-life)
artful_php-horde-imp: ignored (reached end-of-life)
bionic_php-horde-imp: not-affected (6.2.12-1ubuntu1)
cosmic_php-horde-imp: not-affected (6.2.12-1ubuntu1)
disco_php-horde-imp: not-affected (6.2.12-1ubuntu1)
devel_php-horde-imp: not-affected (6.2.12-1ubuntu1)