Cross-Site Scripting Vulnerability in Turba Contact Manager by Horde
CVE-2008-6746

Currently unrated

Key Information:

Vendor

Horde

Status
Vendor
CVE Published:
23 April 2009

What is CVE-2008-6746?

A cross-site scripting (XSS) vulnerability exists in the contact display view of Turba Contact Manager H3, prior to version 2.2.1. This flaw allows remote attackers to exploit the application by injecting arbitrary web script or HTML via manipulated contact names, potentially compromising user security and privacy.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.