Lucene search
Alexios FakosEDB-ID:32353HistorySep 10, 2008 - 12:00 a.m.
Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting
2008-09-1000:00:00
Alexios Fakos
www.exploit-db.com
14
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/31107/info
Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects versions prior to Horde Framework 3.1.9 and 3.2.2.
Note that additional products that use the Horde Framework may also be vulnerable.
<body/onload=alert(/hello/)> Related
prion
prion
Cross site scripting
2008-09-12 16:56:00
cvelist
cvelist
CVE-2008-3824
2008-09-12 16:00:00
cve
cve
CVE-2008-3824
2008-09-12 16:56:20
ubuntucve
ubuntucve
CVE-2008-3824
2008-09-12 00:00:00
redhatcve
redhatcve
CVE-2008-3824
2019-10-04 20:25:58
nvd
nvd
CVE-2008-3824
2008-09-12 16:56:20
osv
osv
horde3 - cross site scripting
2008-09-20 00:00:00
openvas
openvas
FreeBSD Ports: horde-base
2008-09-17 00:00:00
Debian: Security Advisory (DSA-1642-1)
2008-09-24 00:00:00
FreeBSD Ports: horde-base
2008-09-17 00:00:00
freebsd
freebsd
horde -- multiple vulnerabilities
2008-09-10 00:00:00
securityvulns
securityvulns
nessus
nessus
FreeBSD : horde -- multiple vulnerabilities (7d239578-7ff2-11dd-8de5-0030843d3802)
2008-09-11 00:00:00
openSUSE Security Update : horde (horde-311)
2009-07-21 00:00:00
openSUSE 10 Security Update : horde (horde-5791)
2008-11-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: horde-3.3.6-1.fc13
2010-04-01 17:20:56
[SECURITY] Fedora 12 Update: horde-3.3.6-1.fc12
2010-04-01 01:51:02
[SECURITY] Fedora 11 Update: horde-3.3.6-1.fc11
2010-04-01 01:40:32