PT-2021-17184 · Horde · Horde Text Filter+1

Alex Birnberg

Published

2021-02-14

Updated

2021-04-19

CVE-2021-26929

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition versions through 5.2.22

Description: An XSS issue was discovered, allowing an attacker to send a plain text e-mail message with JavaScript encoded as a link or email. This is mishandled by preProcess in Text2html.php due to bespoke use of x00x00x00 and x01x01x01, which interferes with XSS defenses.

Recommendations: For Horde Groupware Webmail Edition versions through 5.2.22, update the Horde Text Filter library to version 2.3.7 or later to resolve the issue. As a temporary workaround, consider restricting the handling of plain text e-mail messages with JavaScript encoded links or emails to minimize the risk of exploitation.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-26929

DLA-2564-1

Affected Products

Horde Groupware Webmail Edition

Horde Text Filter

PT-2021-17184 · Horde · Horde Text Filter+1

CVE-2021-26929

Weakness Enumeration

Related Identifiers

Affected Products

References · 22