Multiple Cross-Site Scripting Vulnerabilities in Horde Application Framework and Groupware Products
CVE-2009-3237
Currently unrated
What is CVE-2009-3237?
The Horde Application Framework and various Groupware products are susceptible to multiple cross-site scripting vulnerabilities. These issues arise from improper handling of user inputs, such as crafted number preferences and unknown MIME 'text parts'. Attackers can exploit these vulnerabilities to inject arbitrary web scripts or HTML, potentially leading to unauthorized actions on behalf of users. Updating to the latest versions of the affected products mitigates these risks.
