3 matches found
CVE-2013-2652
CRLF injection vulnerability in WebCollab
CVE-2009-1454
CVE-2009-1454 is an XSS in WebCollab’s tasks.php prior to version 2.50 (aka Billy Goat). The issue allows remote attackers to inject arbitrary script/HTML via the selection parameter in a todo action. Affected: WebCollab before 2.50. Impact (per available data): client-side script execution with ...
CVE-2009-1455
WebCollab before 2.50 (aka Billy Goat) is affected by multiple CSRF vulnerabilities that can allow an attacker to hijack administrator authentication and perform actions such as changing an arbitrary password. The underlying issue is CSRF in the application’s request handling. The NVD entry provi...