Cross-site Scripting Vulnerability in Horde Groupware and Horde Web Applications
CVE-2009-0931

Currently unrated

Key Information:

Vendor: Debian
Status: Horde; Horde Groupware
Vendor: CVE Published:; 17 March 2009

What is CVE-2009-0931?

A cross-site scripting (XSS) vulnerability exists in the tag cloud search script of Horde, allowing remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This issue affects multiple versions of Horde and Horde Groupware, emphasizing the importance of upgrading to secure versions to mitigate potential exploitation risks.

References

http://lists.horde.org/archives/announce/2009/000486.html

mailing-listx_refsource_MLIST

http://cvs.horde.org/co.php/horde/docs/CHANGES?r=1.515.2.503

x_refsource_CONFIRM

http://www.securityfocus.com/bid/33491

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 17, 2009

Debian

What is CVE-2009-0931?

References

Timeline