4 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a Calendar - New Event action. CVE-2017-16906 Note that Nessus relies on the presence of the...
[SECURITY] [DLA 2351-1] php-horde-kronolith security update
Debian LTS Advisory DLA-2351-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 29, 2020 https://wiki.debian.org/LTS Package : php-horde-kronolith Version : 4.2.19-1+deb9u2 CVE ID : CVE-2017-16906 Debian Bug : 909737 In Horde Groupware, there has been an XSS...
Horde Groupware Cross-Site Scripting Vulnerability (CNVD-2017-37742)
Horde Groupware is a free, enterprise-grade, browser-based collaboration suite. A cross-site scripting vulnerability exists in Horde Groupware version 5.2.19. A cross-site scripting attack can be performed via the URL field in the "Calendar - New Event" action, which can be used for remote code...
DEBIAN-CVE-2017-16906
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar - New Event" action...