Cross-Site Scripting Vulnerability in Horde Application Framework
CVE-2008-5917

Currently unrated

Key Information:

Vendor

Horde

Vendor
CVE Published:
21 January 2009

What is CVE-2008-5917?

The Horde Application Framework versions 3.2.2 and 3.3 are susceptible to a Cross-Site Scripting (XSS) vulnerability when accessed through Internet Explorer. This vulnerability arises from weaknesses in the XSS filter found in the framework's text filter module. Attackers can exploit this flaw by injecting arbitrary web scripts or HTML content through undisclosed vectors related to style attributes, potentially compromising the security of users' sessions and data.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.