Cross-Site Scripting Vulnerability in Horde and Turba Products
CVE-2008-3330

Currently unrated

Key Information:

Vendor

Debian
Status
Turba
Horde
Vendor
CVE Published:
27 July 2008

What is CVE-2008-3330?

An XSS vulnerability exists in the services/obrowser/index.php component of Horde 3.2 and Turba 2.2, which allows attackers to inject arbitrary HTML or web scripts via the manipulation of the contact name input. This could potentially compromise user data and website integrity.

References

http://www.securityfocus.com/bid/29745
vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1020566
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/44198
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.