[announce] [SECURITY] XSS vulnerability in Horde_Mime_Viewer_Ooo

Jan Schneider jan at horde.org
Tue Mar 1 21:19:52 UTC 2022

The Horde Team is pleased to announce the final release of the  
Horde_Mime_Viewer library version 2.2.3.

Horde_Mime_Viewer is a library that provides rendering drivers for MIME data.

An XSS vulnerability in the Open Document viewer has been reported by  
Simon Scannell from SonarSource. You can find the full report and  
mitigation measures at  

Thanks to Simon Scannell for reporting this issue and for the detailed  
report, and apologies for not releasing a fix within the disclosure  

For upgrading instructions, please see

The Horde Team.

Jan Schneider
The Horde Project

More information about the announce mailing list