Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-3759

Опубликовано: 22 нояб. 2005
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:horde:horde:1.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.4_rc1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4_rc1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4_rc2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 71%
0.00714
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2005-3759

ubuntu
почти 20 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.

debian логотип

CVE-2005-3759

debian
почти 20 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3. ...

github логотип

GHSA-3qg9-cv5p-h6hq

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.

EPSS

Процентиль: 71%
0.00714
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-79