CVE-2010-3695

Опубликовано: 31 мар. 2011

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*

Версия до 4.3.7 (включая)

cpe:2.3:a:horde:imp:2.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:2.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.7:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:3.2.7:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:imp:4.3.6:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:horde:groupware:*:*:*:*:*:*:*:*

Версия до 1.2.6 (включая)

cpe:2.3:a:horde:groupware:1.0:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc2:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc3:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1:rc4:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.3:rc1:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:horde:groupware:1.2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01169

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2010-3695

ubuntu

почти 15 лет назад

CVE-2010-3695

debian

почти 15 лет назад

Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Hord ...

GHSA-f4jp-cg66-wxqc

github

больше 3 лет назад

EPSS

Процентиль: 78%

0.01169

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79