CVE-2009-0931
17.03.2009, 21:30
Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| Vendor | Product | Version |
|---|---|---|
| debian | horde | 𝑥 ≤ 3.3.1 |
| debian | horde | 𝑥 ≤ 3.3.2 |
| debian | horde | 3.2.2 |
| debian | horde | 3.2.3 |
| debian | horde | 3.3 |
| debian | horde_groupware | 𝑥 ≤ 1.1.1 |
| debian | horde_groupware | 𝑥 ≤ 1.1.2 |
| debian | horde_groupware | 𝑥 ≤ 1.1.3 |
| debian | horde_groupware | 𝑥 ≤ 1.1.4 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| horde2 |
| ||||||||||||||||||||
| horde3 |
|
References