Lucene search

K
osvGoogleOSV:DSA-2013-1
HistoryMar 11, 2010 - 12:00 a.m.

egroupware - several vulnerabilities

2010-03-1100:00:00
Google
osv.dev
11

0.018 Low

EPSS

Percentile

88.1%

Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based
groupware suite: Missing input sanitising in the spellchecker integration
may lead to the execution of arbitrary commands and a cross-site scripting
vulnerability was discovered in the login page.

For the stable distribution (lenny), these problems have been fixed in
version 1.4.004-2.dfsg-4.2.

The upcoming stable distribution (squeeze), no longer contains egroupware
packages.

We recommend that you upgrade your egroupware packages.

CPENameOperatorVersion
egroupwareeq1.4.004-2.dfsg-4.1

0.018 Low

EPSS

Percentile

88.1%