Описание
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 3.1.3-1 |
| edgy | released | 3.1.3-1 |
| feisty | released | 3.1.3-1 |
| gutsy | released | 3.1.3-1 |
| hardy | released | 3.1.3-1 |
| intrepid | released | 3.1.3-1 |
| jaunty | released | 3.1.3-1 |
| karmic | released | 3.1.3-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
index.php in Horde Application Framework before 3.1.2 allows remote at ...
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
EPSS
4.3 Medium
CVSS2