Lucene search
MitreCVELIST:CVE-2009-4363HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-4363
2022-10-0316:24:04
mitre
raw.githubusercontent.com
2
Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 does not properly handle data: URIs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via data:text/html values for the HREF attribute of an A element in an HTML e-mail message. NOTE: the vendor states that the issue is caused by “an XSS vulnerability in Firefox browsers.”
Related
cve
cve
CVE-2009-4363
2009-12-21 16:30:00
prion
prion
Cross site scripting
2009-12-21 16:30:00
ubuntucve
ubuntucve
CVE-2009-4363
2009-12-21 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
2010-01-07 00:00:00
debian
debian
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
2010-01-07 10:33:23
osv
osv
horde3 - cross-site scripting
2010-01-07 00:00:00
nessus
nessus
Debian DSA-1966-1 : horde3 - insufficient input sanitising
2010-02-24 00:00:00
openSUSE Security Update : horde (horde-1947)
2010-02-15 00:00:00
Fedora 12 : horde-3.3.6-1.fc12 (2010-5520)
2010-07-01 00:00:00
openvas
openvas
Debian Security Advisory DSA 1966-1 (horde3)
2010-01-11 00:00:00
Debian: Security Advisory (DSA-1966-1)
2010-01-11 00:00:00
Fedora Update for horde FEDORA-2010-5483
2010-04-06 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: horde-3.3.6-1.fc12
2010-04-01 01:51:02
[SECURITY] Fedora 13 Update: horde-3.3.6-1.fc13
2010-04-01 17:20:56
[SECURITY] Fedora 11 Update: horde-3.3.6-1.fc11
2010-04-01 01:40:32