From securityaffairs.co
Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user of a Horde instance to take over an email server by sending a specially crafted email to a victim.