Unrated severityNVD Advisory· Published Jul 28, 2022· Updated Oct 19, 2024
CVE-2022-30287
CVE-2022-30287
Description
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=5.2.22
Patches
Vulnerability mechanics
References
3- blog.sonarsource.com/horde-webmail-rce-via-email/mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2022/08/msg00022.htmlmitremailing-listx_refsource_MLIST
- www.horde.org/apps/webmailmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.