MUST READ

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

 | 

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qantas cuts executive bonuses by 15% after a July data breach

 | 

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

 | 

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

SVG files used in hidden malware campaign impersonating Colombian authorities

 | 

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

 | 

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

 | 

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Horde Webmail Software is affected by a dangerous bug since 2012

Pierluigi Paganini February 23, 2022

Experts found a nine-year-old unpatched flaw in the Horde Webmail software that could allow access to email accounts.

A feature in the Horde Webmail is affected by a nine-year-old unpatched security vulnerability that could be abused to gain complete access to email accounts simply by previewing an attachment.

Horde Webmail is a free, enterprise-ready, and browser-based communication suite developed by the Horde project. This webmail solution is widely adopted by universities and government agencies.

“We discovered a code vulnerability in Horde that allows an attacker to gain full access to the email account of a victim when it loads the preview of a harmless-looking email attachment.” reads a report published by Sonarsource. “This gives the attacker access to all sensitive and perhaps secret information a victim has stored in their email account and could allow them to gain further access to the internal services of an organization.”

The vulnerability discovered by Sonarsource is a stored XSS vulnerability that was introduced with the commit 325a7ae, 9 years ago. The bug affects all the versions since the commit that took place on 30 Nov 2012.

The issue can be triggered by previewing a specially crafted OpenOffice document to execute a malicious JavaScript payload. Upon exploiting the issue, the attacker can steal all emails the victim has sent and received.

“An attacker can craft an OpenOffice document that when transformed to XHTML by Horde for preview can execute a malicious JavaScript payload.” continues the report. “The vulnerability triggers when a targeted user views an attached OpenOffice document in the browser.”

In the worst case, the attacker can compromise an administrator account and take over the webmail server.

Sonarsource reported this flaw almost 6 months ago, there is currently no official patch available. 

The researchers recommend disabling the rendering of OpenOffice attachments. Administrators can edit the config/mime_drivers.php file in the content root of their Horde installation add the 

'disable' => true

configuration option to the OpenOffice mime handler:

Horde Webmail 2

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Horde Webmail)

[adrotate banner=”5″]

[adrotate banner=”13″]

hacking news Horde Webmail information security news IT Information Security Pierluigi Paganini Security Affairs XSS

you might also like

Pierluigi Paganini September 08, 2025
Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack
Read more
Pierluigi Paganini September 08, 2025
Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

LunaLock Ransomware threatens victims by feeding stolen data to AI models

Malware / September 09, 2025

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Hacking / September 08, 2025

Canadian investment platform Wealthsimple disclosed a data breach

Data Breach / September 08, 2025

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

Security / September 08, 2025

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Intelligence / September 08, 2025