Vulnerability CVE-2012-5567

Vulnerability CVE-2012-5567

Published: 2014-04-05 Modified: 2014-04-06

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Horde -> Groupware
Horde -> Kronolith h4

https://github.com/horde/horde/blob/d3dda2d47fad7eb128a0091e732cded0c2601009/kronolith/docs/CHANGES

https://bugzilla.redhat.com/show_bug.cgi?id=879684

http://www.securityfocus.com/bid/56541

http://www.osvdb.org/87345

http://www.openwall.com/lists/oss-security/2012/11/23/7

http://www.openwall.com/lists/oss-security/2012/11/23/3

http://secunia.com/advisories/51469

http://secunia.com/advisories/51233

http://lists.opensuse.org/opensuse-updates/2012-12/msg00019.html

http://lists.horde.org/archives/announce/2012/000836.html

http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e