PT-2008-5020 · Horde · Horde Groupware Webmail

Jan Schneider

·

Published

2008-08-13

·

Updated

2017-08-08

·

CVE-2008-3650

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Horde Groupware Webmail versions prior to Edition 1.1.1 (final)
Description The issue is related to unescaped output, possibly leading to cross-site scripting (XSS) in the object browser and contact view.
Recommendations For versions prior to Edition 1.1.1 (final), update to Edition 1.1.1 (final) or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2008-3650

Affected Products

Horde Groupware Webmail