Cross site scripting

2012-01-2418:55:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.6%

JSON

Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from third party information.

CPENameOperatorVersion
groupware_webmail_editioneq1.1.5
groupware_webmail_editioneq1.0 rc2
groupware_webmail_editioneq1.0.1
groupware_webmail_editioneq1.1
groupware_webmail_editioneq1.1 rc1
groupware_webmail_editioneq4.0.1
groupware_webmail_editioneq1.2.2
groupware_webmail_editioneq1.1 rc3
groupware_webmail_editioneq1.2.8
groupware_webmail_editionle4.0.5

Name	Operator	Version
groupware_webmail_edition	eq	1.1.5
groupware_webmail_edition	eq	1.0 rc2
groupware_webmail_edition	eq	1.0.1
groupware_webmail_edition	eq	1.1
groupware_webmail_edition	eq	1.1 rc1
groupware_webmail_edition	eq	4.0.1
groupware_webmail_edition	eq	1.2.2
groupware_webmail_edition	eq	1.1 rc3
groupware_webmail_edition	eq	1.2.8
groupware_webmail_edition	le	4.0.5