Cross-Site Scripting Vulnerability in Horde Groupware Affecting Specific Versions
CVE-2017-16907
5.4MEDIUM
What is CVE-2017-16907?
Horde Groupware versions 5.2.19 and 5.2.21 are prone to a Cross-Site Scripting vulnerability via the Color field during the Create Task List action. This flaw may allow attackers to inject malicious scripts, potentially compromising user data and account security. It is recommended for users of affected versions to apply the latest security updates to mitigate any risks associated with this vulnerability.
