CVE-2017-16906
CVE-2017-16906 affects Horde Groupware, specifically version 5.2.19–5.2.22, where an XSS vulnerability exists in the Calendar → New Event URL field. The vulnerability allows an attacker to inject HTML/JavaScript through the URL parameter, with potential for remote code execution as per CNVD descr...