[imp] JS injection in Horde IMP 2.2.7
Chuck Hagenbuch
chuck@horde.org
Thu, 22 Aug 2002 09:32:58 -0400
Quoting datan@seas.upenn.edu:
> So it is possible that imp running on unpatched php 3.0.16 will be
> vulnerable even if 2.2.8 or 3.0+ ?
Sure, but PHP 3.0.16 is probably vulnerable to a million other things right
now - it's not even the latest release of PHP3, let alone the latest stable
PHP release!
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
"After a few minutes the most aromatic and nice smelling Italian coffee
will come out of the exhaustpipe." - Our stove-top espresso pot