2 matches found
[SECURITY] [DSA 970-1] New kronolith packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 970-1 [email protected] http://www.debian.org/security/ Martin Schulze February 14th, 2006 http://www.debian.org/security/faq -...
CVE-2005-4189
CVE-2005-4189 covers multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 prior to 2.0.6. The issue arises from insufficient input sanitisation in several user-controllable fields (Calendar name when creating calendars; event title when deleting events; Category and Location ...