[pkg-horde] Bug#434045: Bug#434045: horde3: Cross-site scripting (XSS) vulnerability

Gregory Colpart reg at evolix.fr
Sun Jul 22 03:47:06 UTC 2007

On Sat, Jul 21, 2007 at 04:21:08PM +0200, Steffen Joeris wrote:
> A possible security hole has been discovered in horde3.
> The CVE[0] text says:
> Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php
> in Horde Framework before 3.1.4 RC1, when the login page contains
> a language selection box, allows remote attackers to inject 
> arbitrary web script or HTML via the new_lang parameter to login.php.
> It states that all the versions in Debian are effected. Feel
> free to downgrade the bug, if I am mistaken.

I was wrong here[*], because an attacker could also inject data
in HTML code of all pages. Then we could imagine a lot of
attacks, for example a fake login/password <form>...
I am working on updated packages and warning security team.

Gregory Colpart <reg at evolix.fr>  GnuPG:1024D/C1027A0E
Evolix - Informatique et Logiciels Libres http://www.evolix.fr/

More information about the pkg-horde-hackers mailing list