FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

horde -- Cross site scripting vulnerabilities in several of Horde's templates

Affected packages
horde < 3.0.8
horde-php5 < 3.0.8

Details

VuXML ID 01356ccc-6a87-11da-b96e-000fb586ba73
Discovery 2005-12-11
Entry 2005-12-11

Announce of Horde H3 3.0.8 (final):

This [3.0.8] is a security release that fixes cross site scripting vulnerabilities in several of Horde's templates. None of the vulnerabilities can be exploited by unauthenticated users; however, we strongly recommend that all users of Horde 3.0.7 upgrade to 3.0.8 as soon as possible.

[source]

References

URL http://marc.theaimsgroup.com/?l=horde-announce&m=113433346726097&w=2

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.