Horde · Horde Kronolith H4 · CVE-2012-6620
**Name of the Vulnerable Software and Affected Versions**
Horde Kronolith H4 versions prior to 3.0.17
**Description**
The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the tasks and search views. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
**Recommendations**
For versions prior to 3.0.17, update to version 3.0.17 or later to resolve the issue.