CVE-2025-30349

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-30349
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-30349.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-30349
Downstream
Published
2025-03-21T17:15:40.853Z
Modified
2026-03-15T22:50:45.168336Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.

References

Affected packages

Git / github.com/horde/base

Affected ranges

Type
GIT
Repo
https://github.com/horde/base
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ca32251e62b2ed91594da81ca2e5d34b85a03d03
Fixed
ca32251e62b2ed91594da81ca2e5d34b85a03d03
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.2.23"
        }
    ]
}
Type
GIT
Repo
https://github.com/horde/imp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d8415bd1e8c0d07302e974294522c28af280ba2a
Fixed
d8415bd1e8c0d07302e974294522c28af280ba2a
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.2.27"
        }
    ]
}
Type
GIT
Repo
https://github.com/horde/webmail
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9443d11b0d68ee718b59c27fbe360e4a0ae95c60

Affected versions

v4.*
v4.0.0
v4.0.0beta1
v4.0.0rc1
v4.0.0rc2
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v5.*
v5.0.0
v5.0.0alpha1
v5.0.0beta1
v5.0.0beta2
v5.0.0beta3
v5.0.0beta4
v5.0.0beta5
v5.0.0beta6
v5.0.0rc1
v5.0.0rc2
v5.0.1
v5.0.10
v5.0.11
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v5.0.18
v5.0.19
v5.0.2
v5.0.20
v5.0.21
v5.0.22
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1.0
v5.1.0beta1
v5.1.0beta2
v5.1.0beta3
v5.1.0rc1
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.5
v5.2.0
v5.2.0alpha1
v5.2.0beta1
v5.2.0beta2
v5.2.0rc1
v5.2.0rc2
v5.2.1
v5.2.10
v5.2.11
v5.2.12
v5.2.13
v5.2.14
v5.2.15
v5.2.16
v5.2.17
v5.2.18
v5.2.19
v5.2.2
v5.2.20
v5.2.21
v5.2.3
v5.2.4
v5.2.5
v5.2.6
v5.2.7
v5.2.8
v5.2.9
v6.*
v6.0.0
v6.0.0alpha1
v6.0.0beta1
v6.0.0beta2
v6.0.0beta3
v6.0.0beta4
v6.0.0rc1
v6.0.0rc2
v6.0.1
v6.0.2
v6.0.3
v6.0.4
v6.1.0
v6.1.0beta1
v6.1.0beta2
v6.1.0rc1
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.2.0
v6.2.0alpha1
v6.2.0beta1
v6.2.0beta2
v6.2.0beta3
v6.2.0rc1
v6.2.1
v6.2.10
v6.2.11
v6.2.12
v6.2.13
v6.2.14
v6.2.15
v6.2.16
v6.2.17
v6.2.18
v6.2.19
v6.2.2
v6.2.20
v6.2.21
v6.2.22
v6.2.23
v6.2.24
v6.2.25
v6.2.26
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-30349.json"