Date: Tue, 12 Aug 2008 20:31:05 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: "Steven M. Christey" <coley@...re.org> Subject: Re: horde webmail edition < 1.1.1 ====================================================== Name: CVE-2008-3650 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3650 Reference: MLIST:[horde-announce] 20080614 [announce] Horde Groupware Webmail Edition 1.1.1 (final) Reference: URL:http://lists.horde.org/archives/announce/2008/000420.html Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.