[Tickets #5892] Linked attachment feature vulnerability
bugs at bugs.horde.org
Thu Nov 15 20:55:45 UTC 2007
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=5892
-----------------------------------------------------------------------
Ticket | 5892
Created By | joao_mauricio at clix.pt
Summary | Linked attachment feature vulnerability
Queue | IMP
Version | 4.1.3
Type | Bug
State | Unconfirmed
Priority | 3. High
Owners |
-----------------------------------------------------------------------
joao_mauricio at clix.pt (2007-11-15 12:55) wrote:
By exploiting the jar: protocol feature of Mozilla Firefox and the fact
that the IMP Web Client allows things like
"https://mail.server/horde/imp/attachment.php?u=user&t=4827164921&f=example.jpg",
it's possible to execute various XSS attacks. For example:
"jar:https://mail.server/horde/imp/attachment.php?u=user&t=4827164921&f=example.jar!/evil.htm".
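A defensive check for the URL pattern the ticket describes, as an added example that is not part of the original ticket or of Horde's code: it scans message text for jar: URLs whose inner URL points at the linked-attachment endpoint and reports the host, the `f` parameter and the archive entry. The function names and the `/imp/attachment.php` suffix (taken from the ticket's sample URL) are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Candidate URLs: "jar:" up to whitespace, a quote or an angle bracket.
JAR_URL = re.compile(r"jar:[^\s\"'<>]+", re.IGNORECASE)

def parse_jar_url(url):
    """Split 'jar:<inner-url>!/<entry>' into (inner_url, entry), or return None."""
    if not url.lower().startswith("jar:"):
        return None
    inner, sep, entry = url[4:].partition("!/")
    if not sep or not inner:
        return None
    return inner, entry

def find_jar_attachment_links(text, endpoint="/imp/attachment.php"):
    """Return findings for jar: URLs whose inner URL targets the attachment endpoint."""
    findings = []
    # Scan the raw text and a percent-decoded copy so 'jar%3A' is also seen.
    for candidate in (text, unquote(text)):
        for match in JAR_URL.finditer(candidate):
            parsed = parse_jar_url(match.group(0))
            if parsed is None:
                continue
            inner, entry = parsed
            parts = urlsplit(inner)
            if parts.scheme.lower() not in ("http", "https"):
                continue
            if not parts.path.lower().endswith(endpoint):
                continue
            query = parse_qs(parts.query)
            finding = {"host": parts.hostname,
                       "file": query.get("f", [""])[0],
                       "entry": entry}
            if finding not in findings:
                findings.append(finding)
    return findings

# Constructed sample: the two URLs quoted in the ticket, placed in an HTML fragment.
SAMPLE = (
    '<a href="https://mail.server/horde/imp/attachment.php'
    '?u=user&t=4827164921&f=example.jpg">picture</a>\n'
    '<a href="jar:https://mail.server/horde/imp/attachment.php'
    '?u=user&t=4827164921&f=example.jar!/evil.htm">link</a>\n'
)

if __name__ == "__main__":
    for finding in find_jar_attachment_links(SAMPLE):
        print(finding)
```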