CVE-2010-3693

Опубликовано: 04 апр. 2011

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via vectors related to displaying mailbox names.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:horde:groupware:*:*:*:*:*:*:*:*

Версия до 1.2.6 (включая)

cpe:2.3:a:horde:groupware:1.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc3:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc4:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.3:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.5:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:horde:dynamic_imp:*:*:*:*:*:*:*:*

Версия до 1.1.4 (включая)

cpe:2.3:a:horde:dynamic_imp:1.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.0:alpha:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:dynamic_imp:1.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00684

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2010-3693

ubuntu

почти 15 лет назад

CVE-2010-3693

debian

почти 15 лет назад

Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) b ...

GHSA-rhqp-4h92-3mxh

github

больше 3 лет назад

EPSS

Процентиль: 71%

0.00684

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79