Cross-Site Scripting in EGroupware Enterprise Line and Community Edition
CVE-2011-4950

Currently unrated

Key Information:

Vendor

Egroupware

Status
Egroupware
Vendor
CVE Published:
31 August 2012

What is CVE-2011-4950?

A cross-site scripting vulnerability exists in the EGroupware Enterprise Line and Community Edition, allowing remote attackers to exploit the flaw via the 'lang' parameter in the test.php file. This can lead to the injection of arbitrary web scripts or HTML, potentially exposing users to malicious attacks and data breaches. Updating to the latest versions protects against such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.egroupware.org/epl-changelog
x_refsource_CONFIRM
http://packetstormsecurity.org/files/100180/eGroupware-1....
x_refsource_MISC
http://www.egroupware.org/changelog
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.