Cross-Site Scripting Vulnerabilities in Horde Nag Task List Manager
CVE-2005-4191
Currently unrated
What is CVE-2005-4191?
The Horde Nag Task List Manager H3 prior to version 2.0.4 contains multiple cross-site scripting (XSS) vulnerabilities within the tasklists.inc file. These flaws allow remote authenticated users to execute arbitrary web scripts or HTML. Specifically, an attacker can manipulate the tasklist's name or description fields to inject malicious content when creating a new tasklist. This can lead to various security risks, including theft of user credentials or session hijacking.
