NVD

Id
16016  
Name
CVE-2010-4778  
Description
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka fmpassword), or (3) server (aka fmserver) field in a fetchmail_prefs_save action, related to the Fetchmail configuration, a different issue than CVE-2010-3695. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2011-04-04  
Modified Date
2011-05-11  
Seq
2010-4778  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
90605 16016 CVE-2010-4778 http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11  View
90606 16016 CVE-2010-4778 ADV-2010-2513  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33752 JVNDB-2011-003994 Horde Groupware Webmail Edition のfetchmailprefs.php におけるクロスサイトスクリプティングの脆弱性 Horde Groupware Webmail Edition のfetchmailprefs.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-4778 47358 CVE-2010-4778 16016 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003994.html 2011-04-04 2012-03-27 View