Lucene search

[email protected]CVE-2014-4945

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2014-4945

2022-10-0316:20:46

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-4945

cross-site scripting

xss

vulnerabilities

horde

imp

webmail

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view.

Affected configurations

NVD

Node

hordegroupwareRange≤5.1.4webmail

hordegroupwareMatch5.0.0webmail

hordegroupwareMatch5.0.0rc1webmail

hordegroupwareMatch5.0.1webmail

hordegroupwareMatch5.0.2webmail

hordegroupwareMatch5.0.3webmail

hordegroupwareMatch5.0.4webmail

hordegroupwareMatch5.0.5webmail

hordegroupwareMatch5.1.0webmail

hordegroupwareMatch5.1.0rc1webmail

hordegroupwareMatch5.1.1webmail

hordegroupwareMatch5.1.2webmail

hordegroupwareMatch5.1.3webmail

hordeinternet_mail_programRange≤6.1.7

hordeinternet_mail_programMatch6.0.0

hordeinternet_mail_programMatch6.0.0alpha1

hordeinternet_mail_programMatch6.0.0beta1

hordeinternet_mail_programMatch6.0.0beta2

hordeinternet_mail_programMatch6.0.0beta3

hordeinternet_mail_programMatch6.0.0beta4

hordeinternet_mail_programMatch6.0.0rc1

hordeinternet_mail_programMatch6.0.1

hordeinternet_mail_programMatch6.0.2

hordeinternet_mail_programMatch6.0.3

hordeinternet_mail_programMatch6.0.4

hordeinternet_mail_programMatch6.0.5

hordeinternet_mail_programMatch6.0.6

hordeinternet_mail_programMatch6.1.0

hordeinternet_mail_programMatch6.1.0beta1

hordeinternet_mail_programMatch6.1.0beta2

hordeinternet_mail_programMatch6.1.0rc1

hordeinternet_mail_programMatch6.1.1

hordeinternet_mail_programMatch6.1.2

hordeinternet_mail_programMatch6.1.3

hordeinternet_mail_programMatch6.1.4

hordeinternet_mail_programMatch6.1.5

hordeinternet_mail_programMatch6.1.6

CPENameOperatorVersion
horde:groupwarehorde groupwarele5.1.4
horde:groupwarehorde groupwareeq5.0.0
horde:groupwarehorde groupwareeq5.0.1
horde:groupwarehorde groupwareeq5.0.2
horde:groupwarehorde groupwareeq5.0.3
horde:groupwarehorde groupwareeq5.0.4
horde:groupwarehorde groupwareeq5.0.5
horde:groupwarehorde groupwareeq5.1.0
horde:groupwarehorde groupwareeq5.1.1
horde:groupwarehorde groupwareeq5.1.2

CPE	Name	Operator	Version
horde:groupware	horde groupware	le	5.1.4
horde:groupware	horde groupware	eq	5.0.0
horde:groupware	horde groupware	eq	5.0.1
horde:groupware	horde groupware	eq	5.0.2
horde:groupware	horde groupware	eq	5.0.3
horde:groupware	horde groupware	eq	5.0.4
horde:groupware	horde groupware	eq	5.0.5
horde:groupware	horde groupware	eq	5.1.0
horde:groupware	horde groupware	eq	5.1.1
horde:groupware	horde groupware	eq	5.1.2

Rows per page:

1-10 of 261

References

lists.horde.org/archives/announce/2014/001019.html

lists.horde.org/archives/announce/2014/001025.html

secunia.com/advisories/59770

secunia.com/advisories/59772

github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES

github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

Related for CVE-2014-4945

ubuntucve1 cvelist1 debiancve1 prion1 nvd1