Cross-Site Scripting Vulnerability in Horde Gollem by Horde
CVE-2010-3447
Currently unrated
What is CVE-2010-3447?
A Cross-Site Scripting (XSS) vulnerability exists in the view.php file of the Horde Gollem file viewer prior to version 1.1.2. This flaw enables remote attackers to inject arbitrary web scripts or HTML code by manipulating the file parameter in a view_file action, which can compromise user sessions, redirect users to malicious sites, or manipulate the content displayed to them. Developers and administrators using affected versions are advised to implement the necessary patches to mitigate potential security risks.
