2 matches found
[SECURITY] [DLA 2350-1] php-horde-kronolith security update
Debian LTS Advisory DLA-2350-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 29, 2020 https://wiki.debian.org/LTS Package : php-horde-kronolith Version : 4.2.19-1+deb9u1 CVE ID : CVE-2017-16908 Debian Bug : 909738 In Horde Groupware, there has been an XSS vi...
CVE-2017-16908
The CVE-2017-16908 entry concerns Horde Groupware 5.2.19, where an XSS vulnerability in the Resource Name field can be exploited to enable remote code execution after compromising an administrator account, by bypassing the CVE-2015-7984 CSRF protection mechanism. Affected product/component: Horde...