Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.
References 5 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- http://www.hyperdose.com/advisories/H2005-01.txt x_transferred
- marc.info: 20050113 Cross Site Scripting holes found in Horde 3.0 mailing-listx_transferred
- securityfocus.com: 12255 vdb-entryx_transferred
- securitytracker.com: 1012892 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: horde-prefs-index-xss(18881) vdb-entryx_transferred