Vulnerability Name:

CVE-2016-2228 (CCN-112304)

Assigned:2016-02-06
Published:2016-02-06
Updated:2019-06-18
Summary:Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to xplorer/gollem/manager.php.
CVSS v3 Severity:6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Cross-Site Scripting
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.horde.org/ticket/14213

Source: MITRE
Type: CNA
CVE-2016-2228

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-3d1183830b

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-5d0e7f15ef

Source: MLIST
Type: Vendor Advisory
[announce] 20160202 [announce] [SECURITY] Horde Groupware 5.2.12 (final)

Source: MLIST
Type: Vendor Advisory
[announce] 20160202 [announce] [SECURITY] Horde Groupware Webmail Edition 5.2.12 (final)

Source: DEBIAN
Type: UNKNOWN
DSA-3497

Source: MLIST
Type: UNKNOWN
[oss-security] 20160206 CVE Request: Horde: Two cross-site scripting vulnerabilities

Source: CCN
Type: oss-sec Mailing List, Sat, 6 Feb 2016 15:50:39 -0500 (EST)
Re: CVE Request: Horde: Two cross-site scripting vulnerabilities

Source: MLIST
Type: UNKNOWN
[oss-security] 20160206 Re: CVE Request: Horde: Two cross-site scripting vulnerabilities

Source: CCN
Type: horde Web site
[#14213] Reflected Cross-Site Scripting (XSS)

Source: XF
Type: UNKNOWN
horde-groupware-cve20162228-xss(112304)

Source: CONFIRM
Type: UNKNOWN
https://github.com/horde/horde/blob/e838d4c800b0d1ecaf8b4cc613fd3af4f994c79c/bundles/webmail/docs/CHANGES

Source: CONFIRM
Type: Exploit
https://github.com/horde/horde/commit/ab07a1b447de34e13983b4d7ceb18b58c3a358d8

Vulnerable Configuration:Configuration 1:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:horde:groupware:*:*:*:*:*:*:*:* (Version <= 5.2.11)
  • OR cpe:/a:horde:horde_groupware:*:*:*:*:webmail_edition:*:*:* (Version <= 5.2.11)

    • Configuration 3:
  • cpe:/o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:23:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.xenial:def:201622280000000
    V
    		CVE-2016-2228 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-04-13
    oval:com.ubuntu.artful:def:20162228000
    V
    		CVE-2016-2228 on Ubuntu 17.10 (artful) - medium.
    2016-04-13
    oval:com.ubuntu.xenial:def:20162228000
    V
    		CVE-2016-2228 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-04-13
    oval:com.ubuntu.disco:def:201622280000000
    V
    		CVE-2016-2228 on Ubuntu 19.04 (disco) - medium.
    2016-04-13
    oval:com.ubuntu.bionic:def:20162228000
    V
    		CVE-2016-2228 on Ubuntu 18.04 LTS (bionic) - medium.
    2016-04-13
    oval:com.ubuntu.cosmic:def:201622280000000
    V
    		CVE-2016-2228 on Ubuntu 18.10 (cosmic) - medium.
    2016-04-13
    oval:com.ubuntu.cosmic:def:20162228000
    V
    		CVE-2016-2228 on Ubuntu 18.10 (cosmic) - medium.
    2016-04-13
    oval:com.ubuntu.bionic:def:201622280000000
    V
    		CVE-2016-2228 on Ubuntu 18.04 LTS (bionic) - medium.
    2016-04-13
    oval:com.ubuntu.trusty:def:20162228000
    V
    		CVE-2016-2228 on Ubuntu 14.04 LTS (trusty) - medium.
    2016-04-13
    BACK
    debian debian linux 8.0
    horde groupware *
    horde horde groupware *
    fedoraproject fedora 22
    fedoraproject fedora 23