MEDIUM🇵🇱 Wersja polska

CVE-2012-0909

CVSS 4.3v2.0pub. 2012-01-24upd. 2026-04-29

Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from third party information.

CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Horde Groupware Webmail Edition

    APP
    Horde
    1.01.0.11.0.21.0.31.0.41.0.51.0.61.0.71.0.81.11.1.11.1.21.1.31.1.41.1.5+ 18 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2008-7219HIGH10.0ten sam produkt

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mn...

CVE-2008-7218HIGH10.0ten sam produkt

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba ...

CVE-2008-3650HIGH9.0ten sam produkt

Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impa...

CVE-2012-0791MEDIUM4.3ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edi...

CVE-2008-2783MEDIUM4.3ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronoli...