Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbAlexios FakosEDB-ID:32354
HistorySep 10, 2008 - 12:00 a.m.

Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting

2008-09-1000:00:00
Alexios Fakos
www.exploit-db.com
16

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/31110/info

Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects Horde Framework 3.2 through 3.2.1.

Note that additional products that use the Horde Framework may also be vulnerable.

<body/onload=alert(/hello/)>

Related

nvd 1
cvelist 1
seebug 1
openvas 8
debian 1
redhatcve 1
prion 1
ubuntucve 1
nessus 5
cve 1
freebsd 1
securityvulns 1
osv 1
fedora 3
nvd
nvd
CVE-2008-3823
2008-09-12 16:56:20
cvelist
cvelist
CVE-2008-3823
2008-09-12 16:00:00
seebug
seebug
Horde MIMEι™„δ»Άζ–‡δ»Άεθ·¨η«™θ„šζœ¬ζΌζ΄ž
2008-09-22 00:00:00
openvas
openvas
Debian Security Advisory DSA 1642-1 (horde3)
2008-09-24 00:00:00
FreeBSD Ports: horde-base
2008-09-17 00:00:00
Debian: Security Advisory (DSA-1642-1)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1642-1] New horde3 packages fix cross site scripting
2008-09-20 13:21:13
redhatcve
redhatcve
CVE-2008-3823
2022-05-20 23:39:40
prion
prion
Cross site scripting
2008-09-12 16:56:00
ubuntucve
ubuntucve
CVE-2008-3823
2008-09-12 00:00:00
nessus
nessus
Debian DSA-1642-1 : horde3 - XSS
2008-09-23 00:00:00
FreeBSD : horde -- multiple vulnerabilities (7d239578-7ff2-11dd-8de5-0030843d3802)
2008-09-11 00:00:00
Fedora 12 : horde-3.3.6-1.fc12 (2010-5520)
2010-07-01 00:00:00
cve
cve
CVE-2008-3823
2008-09-12 16:56:20
freebsd
freebsd
horde -- multiple vulnerabilities
2008-09-10 00:00:00
securityvulns
securityvulns
[oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors &#40;XSS&#41;
2008-09-10 00:00:00
osv
osv
horde3 - cross site scripting
2008-09-20 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: horde-3.3.6-1.fc13
2010-04-01 17:20:56
[SECURITY] Fedora 12 Update: horde-3.3.6-1.fc12
2010-04-01 01:51:02
[SECURITY] Fedora 11 Update: horde-3.3.6-1.fc11
2010-04-01 01:40:32

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:32354
nvd1cvelist1seebug1openvas8debian1redhatcve1prion1ubuntucve1nessus5cve1freebsd1securityvulns1osv1fedora3