Release Notes: This release prevents some potential cross-site scripting (CSS) attacks. Site administrators should consider upgrading to IMP 3, but if this is not possible, IMP 2.2.8 should be used to prevent these potential attacks. This release also has an update for Informix.
Release Notes: This minor release fixes a potential session hijacking vulnerability using a cross-site scripting (CSS) attack, and also contains a new Chinese (Simplified) translation.
Release Notes: This release improves IMP's filtering of malicious HTML scripting constructs in HTML attachments, which can be used by an attacker to run scripting code in the user's browser. It also contains a long list of bugfixes and minor improvements, most notably the fix for attachment downloading for IE 5.5 users.