Horde · Horde Application Framework · CVE-2009-3701
**Name of the Vulnerable Software and Affected Versions**
Horde Application Framework versions prior to 3.3.6
Horde Groupware versions prior to 1.2.5
Horde Groupware Webmail Edition versions prior to 1.2.5
**Description**
The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the administration interface. They allow remote attackers to inject arbitrary web script or HTML via the `PATH_INFO` of requests to specific PHP files in the `admin/` directory, namely `phpshell.php`, `cmdshell.php` and `sqlshell.php`. The issue is related to the `PHP_SELF` variable: under `PATH_INFO`, `$_SERVER['PHP_SELF']` includes whatever follows the script name in the request path, so a page that reflects it into its HTML without escaping reflects attacker-controlled input.
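The pattern behind this class of bug, as an added illustration that is not Horde's code: a form action built from `PHP_SELF`, beside two hardened variants. The `$server` array is a constructed stand-in for `$_SERVER`; function names are hypothetical.

```php
<?php
// Added example, not Horde's code. With PATH_INFO, a request for
// /admin/phpshell.php/EXTRA gives $_SERVER['PHP_SELF'] the value
// "/admin/phpshell.php/EXTRA", so the trailing part of the request
// path is reflected into the page wherever PHP_SELF is echoed.

// Vulnerable pattern: PHP_SELF placed in an attribute without escaping.
function vulnerableFormTag(array $server): string
{
    return '<form action="' . $server['PHP_SELF'] . '" method="post">';
}

// Hardened pattern 1: escape the reflected value for an HTML attribute context.
function escapedFormTag(array $server): string
{
    $self = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Hardened pattern 2: do not reflect PHP_SELF at all. SCRIPT_NAME holds only
// the script path and is not extended by PATH_INFO.
function fixedFormTag(array $server): string
{
    $self = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Constructed request: PATH_INFO carries a quote and angle brackets, which
// would terminate the attribute if reflected verbatim.
$server = [
    'SCRIPT_NAME' => '/admin/phpshell.php',
    'PATH_INFO'   => '/"><x>',
    'PHP_SELF'    => '/admin/phpshell.php/"><x>',
];

echo vulnerableFormTag($server), PHP_EOL; // attribute closed early; <x> becomes markup
echo escapedFormTag($server), PHP_EOL;    // &quot;&gt;&lt;x&gt; stays inert text
echo fixedFormTag($server), PHP_EOL;      // /admin/phpshell.php; PATH_INFO never reflected
```

The detection side follows from the same fact: requests to these admin scripts whose path continues past `.php` and contains `<`, `>` or quote characters are worth flagging in web server logs on unpatched installations.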
**Recommendations**
For Horde Application Framework versions prior to 3.3.6, update to version 3.3.6 or later.
For Horde Groupware versions prior to 1.2.5, update to version 1.2.5 or later.
For Horde Groupware Webmail Edition versions prior to 1.2.5, update to version 1.2.5 or later.