• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Horde Unspecified Error Message Cross-Site Scripting Vulnerability

Horde is prone to an unspecified cross-site scripting vulnerability. This issue is related to how Horde renders error messages.

Successful exploitation could let an attacker inject hostile HTML and script code into the browser session of another user in the context of the site hosting Horde. This could allow the attacker to steal cookie-based authentication credentials or to launch other attacks.