CVE-2006-2195

🗓️ 15 Jun 2006 10:00:00Reported by debianType

cve🔗 web.nvd.nist.gov👁 62 Views🌐 WEB

CVE-2006-2195 Cross-site scripting vulnerability in horde 3 before 3.1.

Reporter	Title	Published	Views	Family All 27
FreeBSD	horde -- multiple parameter cross site scripting vulnerabilities	10 Jun 200600:00	–	freebsd
Cvelist	CVE-2006-2195	15 Jun 200610:00	–	cvelist
Debian	[SECURITY] [DSA 1098-1] New horde3 packages fix cross-site scripting	14 Jun 200620:00	–	debian
Debian	[SECURITY] [DSA 1099-1] New horde2 packages fix cross-site scripting	14 Jun 200620:08	–	debian
Tenable Nessus	Debian DSA-1098-1 : horde3 - missing input sanitising	14 Oct 200600:00	–	nessus
Tenable Nessus	Debian DSA-1099-1 : horde2 - missing input sanitising	14 Oct 200600:00	–	nessus
Tenable Nessus	FreeBSD : horde -- multiple parameter XSS vulnerabilities (09429f7c-fd6e-11da-b1cd-0050bf27ba24)	19 Jun 200600:00	–	nessus
Tenable Nessus	GLSA-200606-28 : Horde Web Application Framework: XSS vulnerability	29 Jun 200600:00	–	nessus
Tenable Nessus	openSUSE 10 Security Update : horde (horde-1600)	17 Oct 200700:00	–	nessus
EUVD	EUVD-2006-2196	7 Oct 202500:30	–	euvd

NVD

Node

horde hordeRange≤3.0.9

horde hordeMatch3.0.1

horde hordeMatch3.0.2

horde hordeMatch3.0.3

horde hordeMatch3.0.4

horde hordeMatch3.0.4_rc1

horde hordeMatch3.0.4_rc2

horde hordeMatch3.0.6

horde hordeMatch3.0.7

horde hordeMatch3.0.8

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/27168
debian	www.debian.org/security/2006/dsa-1099
securityfocus	www.securityfocus.com/bid/18436
secunia	www.secunia.com/advisories/20661
secunia	www.secunia.com/advisories/20960
securitytracker	www.securitytracker.com/id
osvdb	www.osvdb.org/26513
secunia	www.secunia.com/advisories/20849
overlays	www.overlays.gentoo.org/dev/chtekk/browser/horde/www-apps/horde/files/horde-3.1.1-xss.diff
secunia	www.secunia.com/advisories/20672

Parameter	Position	Path	Description	CWE
url	query param	/services/go.php?url=http://./;URL=javascript:alert(0);	XSS via Go URL redirection in go.php (unsanitized url param leads to injected script in output)	CWE-79
URL	query param	/services/go.php?url=http://./;URL=javascript:alert(0);	XSS via Go URL redirection in go.php (unsanitized url param leads to injected script in output)	CWE-79
show	query param	/services/help/?show=about&module=%3Cmeta%20http-equiv=%22refresh%22%20content=%220;URL=javascript:alert(0)%3B%22%3E	XSS via help output due to insufficient validation of input in module parameter	CWE-79
module	query param	/services/help/?show=about&module=%3Cmeta%20http-equiv=%22refresh%22%20content=%220;URL=javascript:alert(0)%3B%22%3E	XSS via help output due to insufficient validation of input in module parameter	CWE-79
name	query param	/services/problem.php?name=%22%3E%3Cscript%3Ealert(0)%3B%3C/script%20x=%22	XSS in problem reporting function through name parameter	CWE-79
untrusted	query param	/horde/services/go.php?untrusted=1&url=http://moritz-naumann.com/	Web tunneling / SSRF-like vulnerability enabling remote content inclusion via go.php with untrusted and url params	CWE-79
url	query param	/horde/services/go.php?untrusted=1&url=http://moritz-naumann.com/	Web tunneling / SSRF-like vulnerability enabling remote content inclusion via go.php with untrusted and url params	CWE-79

16 Apr 2026 00:27Current

5.4Medium risk

Vulners AI Score5.4

CVSS 26.8

EPSS0.04367