Cross-Site Scripting Vulnerability in EGroupware by EGroupware
CVE-2010-3314

Currently unrated

Key Information:

Vendor

Egroupware

Status
Egroupware
Vendor
CVE Published:
22 September 2010

What is CVE-2010-3314?

A cross-site scripting (XSS) vulnerability exists in the login.php component of EGroupware, allowing remote attackers to inject arbitrary web scripts or HTML code through the 'lang' parameter. This security flaw may affect specific versions of EGroupware and EPL before their respective patches were released, posing a risk to users and their data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/11777/
exploitx_refsource_EXPLOIT-DB
http://www.egroupware.org/news?item=93
x_refsource_CONFIRM
http://www.debian.org/security/2010/dsa-2013
vendor-advisoryx_refsource_DEBIAN

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.