Описание
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4256
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28411
- http://lists.horde.org/archives/announce/2006/000292.html
- http://secunia.com/advisories/21500
- http://secunia.com/advisories/27565
- http://securityreason.com/securityalert/1422
- http://securitytracker.com/id?1016713
- http://www.debian.org/security/2007/dsa-1406
- http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2456
- http://www.securityfocus.com/archive/1/443360/100/0/threaded
- http://www.vupen.com/english/advisories/2006/3309
EPSS
CVE ID
Связанные уязвимости
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
index.php in Horde Application Framework before 3.1.2 allows remote at ...
EPSS