Multiple Vulnerabilities in Horde Groupware Webmail Affecting Unescaped Output
CVE-2008-3650

Currently unrated

Key Information:

Vendor

Horde

Vendor
CVE Published:
13 August 2008

What is CVE-2008-3650?

Horde Groupware Webmail is susceptible to multiple unspecified vulnerabilities that arise from unescaped output, which may enable potential attackers to perform cross-site scripting (XSS) attacks. The affected versions prior to Edition 1.1.1 lack adequate validation, exposing critical areas such as the object browser and the contact view to exploit. This vulnerability highlights the importance of proper output sanitization and validation in web applications.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.