Vigil@nce: Horde, Cross Site Scripting
June 2008 by Vigil@nce
SYNTHESIS
An attacker can generate three Cross Site Scripting in Horde
products.
Gravity: 2/4
Consequences: client access/rights
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 16/06/2008
Identifier: VIGILANCE-VUL-7896
IMPACTED PRODUCTS
– Unix - plateform
DESCRIPTION
The Horde, Turba, Horde Groupware and Horde Groupware Webmail Edition products share the same source code and thus the same Cross Site Scripting vulnerabilities.
Contact names are not escaped in the "contact" view, which impacts
Turba, Horde Groupware 1.1.x and Horde Groupware Webmail Edition 1.1.x. [grav:2/4; BID-29745]
Item names are not escaped in the object browser, which impacts
Horde, Horde Groupware and Horde Groupware Webmail Edition.
[grav:2/4]
Parameters of the add event screen are not escaped, which impacts
Horde Groupware 1.0.x and Horde Groupware Webmail Edition 1.0.x.
[grav:2/4]
CHARACTERISTICS
Identifiers: BID-29745, VIGILANCE-VUL-7896