Reporter Robert Fly
`Hyperdose Security Advisory
Name: Cross Site Scripting holes found in Horde 3.0
Systems Affected: Horde 3.0 installations
Author: Robert Fly - email@example.com
Advisory URL: http://www.hyperdose.com/advisories/H2005-01.txt
The Horde Application Framework is a general-purpose web application
framework in PHP, providing classes for dealing with preferences,
compression, browser detection, connection tracking, MIME handling, and
Horde contains two XSS attacks that can be exploited through GET requests.
commands in the context of that user, potentially including but not limited
to reading and deleting email, and stealing auth tokens. Here are two
example URLs with simple exploits.
Horde.org has released a new install to fix these issues. Per Horde team
these issues are fixed in version 3.0.1, although v3.0.2, which contains the
fixes has already been released. Kudos to them as they fixed these
vulnerabilities within a few hours of our original email. GZ below:
NOTE: Per Horde team, this vulnerability does not exist in v2.0
Hyperdose Security was founded to provide companies with application
security knowledge through all parts of an application's security
development lifecycle. We specialize in all phases of software development
ranging from security design and architectural reviews, security code
reviews and penetration testing.