Lucene search

K

RedhatCVELIST:CVE-2012-0791

HistoryJan 24, 2012 - 6:00 p.m.

CVE-2012-0791

2012-01-2418:00:00

redhat

www.cve.org

3

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

70.5%

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.

References

secunia.com/advisories/47580

secunia.com/advisories/47592

www.debian.org/security/2012/dsa-2485

www.horde.org/apps/imp/docs/CHANGES

www.horde.org/apps/imp/docs/RELEASE_NOTES

www.horde.org/apps/webmail/docs/CHANGES

www.horde.org/apps/webmail/docs/RELEASE_NOTES

www.openwall.com/lists/oss-security/2012/01/22/2

www.securityfocus.com/bid/51586

www.securitytracker.com/id?1026553

www.securitytracker.com/id?1026554

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

70.5%

Related for CVELIST:CVE-2012-0791

suse1 nessus5 debian1 openvas4 ubuntucve1 cve1 prion1 securityvulns2 nvd1 osv1