PT-2019-6994 · Horde · Horde Groupware Webmail Edition
Victor Pereira
·
Publicado
2019-11-05
·
Atualizado
2020-08-18
·
CVE-2013-6364
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Horde Groupware Webmail Edition (affected versions not specified)
Description
The issue concerns Horde Groupware Webmail Edition, which has problems with CSRF and XSS when saving a search as a virtual address book.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Horde Groupware Webmail Edition