Oval Definition:	oval:org.opensuse.security:def:20071473
Revision Date: 2015-11-16 Version: 1 Title: CVE-2007-1473 Description: Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework before 3.1.4 RC1, when the login page contains a language selection box, allows remote attackers to inject arbitrary web script or HTML via the new_lang parameter to login.php. Family: unix Class: vulnerability Status: Reference(s): CVE-2007-1473 Platform(s): Open Enterprise Server openSUSE 10.2 SUSE CORE 9 for AMD64 and Intel EM64T SUSE CORE 9 for IBM POWER SUSE CORE 9 for IBM S/390 31bit SUSE CORE 9 for IBM zSeries 64bit SUSE CORE 9 for Itanium Processor Family SUSE CORE 9 for x86 SUSE LINUX 10.0 SUSE LINUX 10.1 SUSE LINUX 9.3 Product(s): Definition Synopsis Release Information sles9-oes is installed AND horde less than 2.2.5-63.19 OR Package Information suse100 is installed AND horde less than 3.0.5-4.14 OR suse101 is installed AND horde less than 3.0.9-19.7 OR suse93 is installed AND horde less than 3.0.2-3.16
BACK