CVE-2012-0909

EUVD-2012-0932
Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification.  NOTE: Some of these details are obtained from third party information.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Affected Products (NVD)
VendorProductVersion
hordegroupware_webmail_edition
𝑥
≤ 4.0.5
hordegroupware_webmail_edition
1.0
hordegroupware_webmail_edition
1.0:rc1
hordegroupware_webmail_edition
1.0:rc2
hordegroupware_webmail_edition
1.0.1
hordegroupware_webmail_edition
1.0.2
hordegroupware_webmail_edition
1.0.3
hordegroupware_webmail_edition
1.0.4
hordegroupware_webmail_edition
1.0.5
hordegroupware_webmail_edition
1.0.6
hordegroupware_webmail_edition
1.0.7
hordegroupware_webmail_edition
1.0.8
hordegroupware_webmail_edition
1.1
hordegroupware_webmail_edition
1.1:rc1
hordegroupware_webmail_edition
1.1:rc2
hordegroupware_webmail_edition
1.1:rc3
hordegroupware_webmail_edition
1.1:rc4
hordegroupware_webmail_edition
1.1.1
hordegroupware_webmail_edition
1.1.2
hordegroupware_webmail_edition
1.1.3
hordegroupware_webmail_edition
1.1.4
hordegroupware_webmail_edition
1.1.5
hordegroupware_webmail_edition
1.1.6
hordegroupware_webmail_edition
1.2
hordegroupware_webmail_edition
1.2:rc1
hordegroupware_webmail_edition
1.2.1
hordegroupware_webmail_edition
1.2.2
hordegroupware_webmail_edition
1.2.3
hordegroupware_webmail_edition
1.2.3:rc1
hordegroupware_webmail_edition
1.2.4
hordegroupware_webmail_edition
1.2.5
hordegroupware_webmail_edition
1.2.6
hordegroupware_webmail_edition
1.2.7
hordegroupware_webmail_edition
1.2.8
hordegroupware_webmail_edition
1.2.9
hordegroupware_webmail_edition
1.2.10
hordegroupware_webmail_edition
4.0
hordegroupware_webmail_edition
4.0:rc1
hordegroupware_webmail_edition
4.0:rc2
hordegroupware_webmail_edition
4.0.1
hordegroupware_webmail_edition
4.0.2
hordegroupware_webmail_edition
4.0.3
hordegroupware_webmail_edition
4.0.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
imp4
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
dne
saucy
dne
trusty
dne
utopic
dne
vivid
dne
wily
dne
xenial
dne
yakkety
dne
zesty
dne
Common Weakness Enumeration
References
http://secunia.com/advisories/47592
http://www.horde.org/apps/webmail/docs/CHANGES
http://www.horde.org/apps/webmail/docs/RELEASE_NOTES
http://www.openwall.com/lists/oss-security/2012/01/22/2
http://www.securityfocus.com/bid/51586
http://secunia.com/advisories/47592
http://www.horde.org/apps/webmail/docs/CHANGES
http://www.horde.org/apps/webmail/docs/RELEASE_NOTES
http://www.openwall.com/lists/oss-security/2012/01/22/2
http://www.securityfocus.com/bid/51586