Lucene search

FreeBSD3AA8B781-D2C4-11E5-B2BD-002590263BF5

HistoryFeb 02, 2016 - 12:00 a.m.

horde -- XSS vulnerabilities

2016-02-0200:00:00

vuxml.freebsd.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.005 Low

EPSS

Percentile

77.2%

JSON

The Horde Team reports:

Fixed XSS vulnerabilities in menu bar and form renderer.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchhorde< 5.2.9UNKNOWN
FreeBSDanynoarchpear-horde_core< 2.22.6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	horde	< 5.2.9	UNKNOWN
FreeBSD	any	noarch	pear-horde_core	< 2.22.6	UNKNOWN

References

lists.horde.org/archives/announce/2016/001149.html

www.openwall.com/lists/oss-security/2016/02/06/4

bugs.horde.org/ticket/14213

github.com/horde/horde/commit/11d74fa5a22fe626c5e5a010b703cd46a136f253

github.com/horde/horde/commit/ab07a1b447de34e13983b4d7ceb18b58c3a358d8

github.com/horde/horde/commit/f03301cf6edcca57121a15e80014c4d0f29d99a0

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for 3AA8B781-D2C4-11E5-B2BD-002590263BF5