| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2012-0791 |
| Description: |
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2012-0791
Mitre CVE-2012-0791
SUSE CVE-2012-0791
openSUSE-SU-2012:0287-1
|
| Platform(s): | openSUSE 11.4
openSUSE 12.1
openSUSE 12.1 Update
openSUSE Tumbleweed
| Product(s): | |
| Definition Synopsis |
| Release Information suse114 is installed
AND horde3-dimp less than 1.1.8-0.3.1
OR Package Information
suse114 is installed
AND horde3-imp less than 4.3.11-0.3.1
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND horde5-imp-6.2.5-1.2 is installed
|