Lucene search
+L

Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Linux

🗓️ 19 May 2020 00:00:00Reported by Copyright (C) 2020 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 28 Views

Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Linux. Image view affected by stored XSS via SVG image uploa

Related
Refs
Code
ReporterTitlePublishedViews
Family
CNVD
Horde Groupware Webmail Cross-Site Scripting Vulnerability (CNVD-2020-33657)
19 May 202000:00
cnvd
CVE
CVE-2020-8035
18 May 202014:55
cve
Cvelist
CVE-2020-8035
18 May 202014:55
cvelist
Debian
[SECURITY] [DLA 2230-1] php-horde security update
31 May 202020:41
debian
Debian CVE
CVE-2020-8035
18 May 202014:55
debiancve
Tenable Nessus
Debian DLA-2230-1 : php-horde security update
1 Jun 202000:00
nessus
Tenable Nessus
Linux Distros Unpatched Vulnerability : CVE-2020-8035
27 Aug 202500:00
nessus
EUVD
EUVD-2020-28947
7 Oct 202500:30
euvd
NVD
CVE-2020-8035
18 May 202015:15
nvd
OpenVAS
Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Windows
19 May 202000:00
openvas
Rows per page
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:horde:horde_groupware";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.112751");
  script_version("2025-03-27T05:38:50+0000");
  script_tag(name:"last_modification", value:"2025-03-27 05:38:50 +0000 (Thu, 27 Mar 2025)");
  script_tag(name:"creation_date", value:"2020-05-19 12:24:00 +0000 (Tue, 19 May 2020)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-06-01 00:15:00 +0000 (Mon, 01 Jun 2020)");

  script_cve_id("CVE-2020-8035");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Linux");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2020 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("horde_http_detect.nasl", "os_detection.nasl");
  script_mandatory_keys("horde/detected", "Host/runs_unixoide");

  script_tag(name:"summary", value:"Horde Groupware Webmail is prone to a cross-site scripting
  (XSS) vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The image view functionality is affected by a stored cross-site
  scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload.");

  script_tag(name:"impact", value:"An attacker can obtain access to a victim's webmail account by
  making them visit a malicious URL.");

  script_tag(name:"affected", value:"Horde Groupware Webmail prior to version 5.2.22.");

  script_tag(name:"solution", value:"Update to version 5.2.22 or later.");

  script_xref(name:"URL", value:"https://lists.horde.org/archives/announce/2020/001290.html");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!port = get_app_port(cpe: CPE))
  exit(0);

if(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version: vers, test_version: "5.2.22")) {
  report = report_fixed_ver(installed_version: vers, fixed_version: "5.2.22", install_path: path);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

27 Mar 2025 00:00Current
6Medium risk
Vulners AI Score6
CVSS 24.3
CVSS 3.16.1
EPSS0.00881
28