From securityaffairs.co
![Horde Webmail](https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/Horde-Webmail.jpg?resize=982%2C401&ssl=1)
Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user of a Horde instance to take over an email server by sending a specially crafted email to a victim.