Lucene search
HistoryOct 09, 2007 - 10:00 a.m.
CVE-2004-2741
cve
2004
2741
xss
vulnerability
horde application framework
web script
html
remote attackers
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.3%
Cross-site scripting (XSS) vulnerability in the “help window” (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.
Affected configurations
Node
hordeapplication_frameworkMatch2.0
ORhordeapplication_frameworkMatch2.1
ORhordeapplication_frameworkMatch2.1.3
ORhordeapplication_frameworkMatch2.2
ORhordeapplication_frameworkMatch2.2.1
ORhordeapplication_frameworkMatch2.2.3
ORhordeapplication_frameworkMatch2.2.4
ORhordeapplication_frameworkMatch2.2.4_rc1
ORhordeapplication_frameworkMatch2.2.5
ORhordeapplication_frameworkMatch2.2.6
Related
openvas
openvas
Horde Help Subsystem XSS
2005-11-03 00:00:00
FreeBSD Ports: horde, horde-devel
2008-09-04 00:00:00
FreeBSD Ports: horde, horde-devel
2008-09-04 00:00:00
cvelist
cvelist
CVE-2004-2741
2007-10-09 10:00:00
nvd
nvd
CVE-2004-2741
2004-12-31 05:00:00
nessus
nessus
Horde Application Framework Help Window Multiple Parameter XSS
2004-11-02 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.3%
Related for CVE-2004-2741