Horde Webmail 'addevent.php' Cross-Site Scripting Vulnerability

Bugtraq ID: 28898
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 23 2008 12:00AM
Updated: Jun 16 2008 06:12PM
Credit: Aria-Security Team
Vulnerable: Red Hat Fedora 8
Red Hat Fedora 7
Horde Project Kronolith 2.1.7
Horde Project Kronolith 2.1.4
+ Debian Linux 4.0 sparc
 + Debian Linux 4.0 s/390
 + Debian Linux 4.0 powerpc
 + Debian Linux 4.0 mipsel
 + Debian Linux 4.0 mips
 + Debian Linux 4.0 m68k
 + Debian Linux 4.0 ia-64
 + Debian Linux 4.0 ia-32
 + Debian Linux 4.0 hppa
 + Debian Linux 4.0 arm
 + Debian Linux 4.0 amd64
 + Debian Linux 4.0 alpha
 + Debian Linux 4.0
 Horde Project Groupware Webmail Edition 1.0.6
Horde Project Groupware 1.0.5
Not Vulnerable: Horde Project Groupware Webmail Edition 1.1.1
Horde Project Groupware Webmail Edition 1.0.7
Horde Project Groupware 1.1.1
Horde Project Groupware 1.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus