Cross-Site Scripting Vulnerability in Turba Contact Manager by Horde
CVE-2008-6746
Currently unrated
What is CVE-2008-6746?
A cross-site scripting (XSS) vulnerability exists in the contact display view of Turba Contact Manager H3, prior to version 2.2.1. This flaw allows remote attackers to exploit the application by injecting arbitrary web script or HTML via manipulated contact names, potentially compromising user security and privacy.
