Cross-site Scripting Vulnerabilities in eGroupware by eGroupware
CVE-2005-1202

Currently unrated

Key Information:

Vendor

Egroupware

Status
Egroupware
Vendor
CVE Published:
2 May 2005

What is CVE-2005-1202?

eGroupware versions before 1.0.0.007 are affected by multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities can be exploited by remote attackers who inject arbitrary web scripts or HTML through various parameters in the index.php file, including ab_id, page, type, lang, and category_id. The exploit allows attackers to manipulate the content displayed to users, potentially leading to unauthorized access or data theft.

References

http://sourceforge.net/project/shownotes.php?release_id=3...
x_refsource_CONFIRM
http://www.osvdb.org/15751
vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/13212
vdb-entryx_refsource_BID

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.