CVE-2012-5567 in Groupwarethông tin

Tóm tắt

Bởi MITRE

Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the (1) month, (2) monthlist, or (3) prevmonthlist fields, related to portal blocks.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Đặt trước

24/10/2012

Tiết lộ

05/04/2014

Kiểm duyệt

được chấp nhận

mục

VDB-66876

EPSS

0.02461

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you know our Splunk app?

Download it now for free!