FreeBSD : horde -- multiple vulnerabilities (7d239578-7ff2-11dd-8de5-0030843d3802)
Medium Nessus Plugin ID 34165
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious people to conduct script insertion attacks
Input via MIME attachment linking is not properly sanitised in the MIME library before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session if e.g. a malicious email is viewed.
Certain unspecified input in HTML messages is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script in a user's browser session if e.g. a malicious HTML email is viewed.
SolutionUpdate the affected package.