Lucene search
MitreCVELIST:CVE-2019-12095HistoryOct 24, 2019 - 5:09 p.m.
CVE-2019-12095
2019-10-2417:09:59
mitre
www.cve.org
Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.
References
bugs.horde.org/ticket/14926
cxsecurity.com/issue/WLB-2019050199
exchange.xforce.ibmcloud.com/vulnerabilities/161333
lists.debian.org/debian-lts-announce/2019/12/msg00015.html
numanozdemir.com/respdisc/horde/horde.mp4
numanozdemir.com/respdisc/horde/horde.txt
packetstormsecurity.com/files/152975/Horde-Webmail-5.2.22-XSS-CSRF-SQL-Injection-Code-Execution.html
www.exploit-db.com/exploits/46903
Related
ubuntucve
ubuntucve
CVE-2019-12095
2019-10-24 00:00:00
osv
osv
php-horde - security update
2019-12-13 00:00:00
CVE-2019-12095
2019-10-24 18:15:11
nvd
nvd
CVE-2019-12095
2019-10-24 18:15:11
nessus
nessus
Debian DLA-2033-1 : php-horde security update
2019-12-16 00:00:00
prion
prion
Cross site request forgery (csrf)
2019-10-24 18:15:00
debian
debian
[SECURITY] [DLA 2033-1] php-horde security update
2019-12-14 04:18:57
openvas
openvas
Debian: Security Advisory (DLA-2033-1)
2019-12-15 00:00:00
Horde Groupware Webmail < 5.2.21 Multiple Vulnerabilities - Windows
2019-10-30 00:00:00
Horde Groupware Webmail < 5.2.21 Multiple Vulnerabilities - Linux
2019-10-30 00:00:00
cve
cve
CVE-2019-12095
2019-10-24 18:15:11
debiancve
debiancve
CVE-2019-12095
2019-10-24 18:15:11
zdt
zdt
Horde Webmail 5.2.22 - Multiple Vulnerabilities
2019-05-23 00:00:00
Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution Exploit
2019-05-21 00:00:00
packetstorm
packetstorm
Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution
2019-05-17 00:00:00
exploitpack
exploitpack
Horde Webmail 5.2.22 - Multiple Vulnerabilities
2019-05-22 00:00:00
exploitdb
exploitdb
Horde Webmail 5.2.22 - Multiple Vulnerabilities
2019-05-22 00:00:00