Vulnerability CVE-2009-3701

Vulnerability CVE-2009-3701

Published: 2009-12-21 Modified: 2012-02-13

Description:

	Topic	Author	Date
Low	Horde 3.3.5 cross site scripting	Juan Galiana Lar...	18.12.2009

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Horde -> Application framework
Horde -> Groupware

http://archives.neohapsis.com/archives/fulldisclosure/2009-12/0388.html

http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.559&r2=1.515.2.589&ty=h

http://lists.horde.org/archives/announce/2009/000529.html

http://marc.info/?l=horde-announce&m=126100750018478&w=2

http://marc.info/?l=horde-announce&m=126101076422179&w=2

http://securitytracker.com/id?1023365

http://www.securityfocus.com/archive/1/508531/100/0/threaded

http://www.securityfocus.com/bid/37351

http://www.vupen.com/english/advisories/2009/3549

http://www.vupen.com/english/advisories/2009/3572

https://exchange.xforce.ibmcloud.com/vulnerabilities/54817