Multiple Cross-Site Scripting Vulnerabilities in Horde Kronolith by Horde Group
CVE-2005-4189
Currently unrated
What is CVE-2005-4189?
Horde Kronolith H3 versions prior to 2.0.6 are susceptible to multiple cross-site scripting (XSS) vulnerabilities that allow remote authenticated users to inject malicious web scripts or HTML into various input fields, including calendar names, event titles during deletions, category and location searches, and attendee email address fields when editing event details. This exploitation could lead to unauthorized actions or data exposure, highlighting the need for users to update to the latest version for enhanced security.
