Lucene search

[email protected]NVD:CVE-2008-3650

HistoryAug 13, 2008 - 1:41 a.m.

CVE-2008-3650

2008-08-1301:41:00

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to “unescaped output,” possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.

Affected configurations

NVD

Node

hordegroupware_webmail_editionMatch1.0

hordegroupware_webmail_editionMatch1.0.1

hordegroupware_webmail_editionMatch1.0.2

hordegroupware_webmail_editionMatch1.0.3

hordegroupware_webmail_editionMatch1.0.4

hordegroupware_webmail_editionMatch1.0.5

hordegroupware_webmail_editionMatch1.0.6

hordegroupware_webmail_editionMatch1.0.7

hordegroupware_webmail_editionMatch1.1

References

lists.horde.org/archives/announce/2008/000420.html

exchange.xforce.ibmcloud.com/vulnerabilities/44479

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for NVD:CVE-2008-3650

cvelist1 prion1 cve1 ubuntucve1