CVE-2010-3695
Publication date 31 March 2011
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.
Status
Package | Ubuntu Release | Status |
---|---|---|
imp4 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
9.10 karmic | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |
Patch details
Package | Patch details |
---|---|
imp4 |