![]() Ozdemir said some - though not all - of the vulnerabilities were recently fixed in the latest Horde webmail version. NIST, the government department that maintains the national vulnerability database, said this week that the flaws pose a “high” security risk to users. ![]() Security researchers typically give organizations three months to fix flaws before they are publicly disclosed. Once clicked, the inbox is downloaded to the attacker’s server.īut the researcher did not hear back from the Horde community. An attacker can scrape and download a victim’s entire inbox by tricking them into clicking a malicious link in an email. Numan Ozdemir disclosed his vulnerabilities to Horde in May. It’s used by universities, libraries and many web hosting providers as the default email client. It’s built and maintained by a core team of developers, with contributions from the wider open-source community. ![]() Horde is one of the most popular free and open-source web email systems available. A security researcher has found several vulnerabilities in the popular open-source Horde web email software that allow hackers to near-invisibly steal the contents of a victim’s inbox.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |