CVE Vulnerabilities

CVE-2006-2195

Published: Jun 15, 2006 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.

Affected Software

Name Vendor Start Version End Version
Horde Horde * 3.0.9 (including)
Horde Horde 3.0 (including) 3.0 (including)
Horde Horde 3.0.1 (including) 3.0.1 (including)
Horde Horde 3.0.2 (including) 3.0.2 (including)
Horde Horde 3.0.3 (including) 3.0.3 (including)
Horde Horde 3.0.4 (including) 3.0.4 (including)
Horde Horde 3.0.4_rc1 (including) 3.0.4_rc1 (including)
Horde Horde 3.0.4_rc2 (including) 3.0.4_rc2 (including)
Horde Horde 3.0.6 (including) 3.0.6 (including)
Horde Horde 3.0.7 (including) 3.0.7 (including)
Horde Horde 3.0.8 (including) 3.0.8 (including)
Horde3 Ubuntu dapper *
Horde3 Ubuntu devel *
Horde3 Ubuntu edgy *
Horde3 Ubuntu feisty *
Horde3 Ubuntu gutsy *
Horde3 Ubuntu hardy *
Horde3 Ubuntu intrepid *
Horde3 Ubuntu jaunty *
Horde3 Ubuntu karmic *

References