11 matches found
Horde Groupware Webmail 5.2.22 Cross Site Scripting
Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty Date: 04.14.2021 Vendor: https://www.horde.org/apps/webmail Link: https://github.com/horde/webmail/releases CVE: CVE-2021-26929 + Exploit Source:...
Horde Groupware Webmail Edition 5.2.22 XSS / Remote Code Execution Exploit
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the HordeTextFilter library. Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav...
Webmail Edition 5.2.22 XSS / Remote Code Execution
Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...
Fedora 32 : php-horde-Horde-Text-Filter (2021-cbfa969c98)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-cbfa969c98 advisory. - HordeTextFilter 2.3.7 mjr SECURITY: Fix XSS via Text2Html filter Reported by: Alex Birnberg, CVE 2021-26929 FEDORA-2021-cbfa969c98 Note that Nessus has not...
Fedora 33 : php-horde-Horde-Text-Filter (2021-f8368da9af)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-f8368da9af advisory. - HordeTextFilter 2.3.7 mjr SECURITY: Fix XSS via Text2Html filter Reported by: Alex Birnberg, CVE 2021-26929 FEDORA-2021-f8368da9af Note that Nessus has not...
Debian DLA-2564-1 : php-horde-text-filter security update
Alex Birnberg discovered a cross-site scripting XSS vulnerability in the Horde Application Framework, more precisely its Text Filter API. An attacker could take control of a user's mailbox by sending a crafted e-mail. CVE-2021-26929 An XSS issue was discovered in Horde Groupware Webmail Edition...
[SECURITY] [DLA 2564-1] php-horde-text-filter security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2564-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler February 18, 2021 https://wiki.debian.org/LTS -...
CVE-2021-26929
creationtimestamp| type| source ---|---|--- 2021-02-14 07:45:11+00:00| seen| https://t.me/cibsecurity/23577 2021-09-21 06:42:48+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/171 2024-11-14 06:08:50+00:00| seen| MISP/0d1db1c1-c9b1-4ec2-8b8b-30e6fc132a61...
CVE-2021-26929
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the HordeTextFilter library before 2.3.7 is used. The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke us...
CVE-2021-26929
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the HordeTextFilter library before 2.3.7 is used. The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke us...
CVE-2021-26929
CVE-2021-26929 affects Horde Groupware Webmail Edition up to 5.2.22 (Horde_Text_Filter before 2.3.7). The vulnerability is an XSS in which a attacker can send a plain text email containing JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, due to bespoke use ...