Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-0791

Опубликовано: 24 янв. 2012
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:horde:dynamic_imp:*:*:*:*:*:*:*:*
Версия до 5.0.17 (включая)
cpe:2.3:a:horde:dynamic_imp:1.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.0:alpha:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:horde:dynamic_imp:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:3.2.7:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:4.3.9:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.4-git:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:horde:groupware_webmail_edition:*:*:*:*:*:*:*:*
Версия до 4.0.5 (включая)
cpe:2.3:a:horde:groupware_webmail_edition:1.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc3:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc4:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.3:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware_webmail_edition:4.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00749
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2012-0791

ubuntu
около 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.

debian логотип

CVE-2012-0791

debian
около 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP befor ...

github логотип

GHSA-2j7j-jvr9-h35r

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.

fstec логотип

BDU:2015-05413

fstec
около 11 лет назад

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить целостность защищаемой информации

fstec логотип

BDU:2015-05412

fstec
около 14 лет назад

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить целостность защищаемой информации

EPSS

Процентиль: 73%
0.00749
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79