Cross-Site Scripting Vulnerabilities in eGroupWare by Interaktive
CVE-2007-5091

Currently unrated

Key Information:

Vendor

Egroupware

Status
Egroupware
Vendor
CVE Published:
26 September 2007

What is CVE-2007-5091?

Multiple cross-site scripting (XSS) vulnerabilities exist in eGroupWare 1.4.001, allowing remote attackers to inject arbitrary web scripts or HTML. This is possible through the 'cat_data[color]' parameter, impacting the preferences and admin components of the application. The vulnerabilities can lead to unauthorized script execution in the context of the user's session, which may compromise user privacy and data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/25800
vdb-entryx_refsource_BID
http://www.egroupware.org/viewvc/branches/1.4/admin/inc/c...
x_refsource_CONFIRM
http://www.egroupware.org/news
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.