Oval Definition:oval:com.ubuntu.bionic:def:201716908000
Revision Date:2017-11-20Version:1
Title:CVE-2017-16908 on Ubuntu 18.04 LTS (bionic) - medium.
Description:In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-16908
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND The vulnerability of the 'php-horde' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.
  • BACK