Описание
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.9 (включая)
Одно из
cpe:2.3:a:horde:horde:*:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4_rc1:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.4_rc2:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde:3.0.8:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04367
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 19 лет назад
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.
debian
около 19 лет назад
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3. ...
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.
EPSS
Процентиль: 89%
0.04367
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other