Horde Imp suffers from a remote command execution vulnerability.
3f8cad1a53838f0bcdb404cbe6af33599b8dac2cb20f4252118cbfce956892d8
Horde IMP versions 4.3.7 and below suffer from a cross site scripting vulnerability.
9ff41ba9177770ccbc820350c56510861d2b3872483ac859fa61a08f09314f64