[pkg-horde] Bug#492578: CVE id assigned
Nico Golde
nion at debian.org
Sun Jul 27 22:33:14 UTC 2008
Hi,
a CVE id has been assigned to this issue:
======================================================
Name: CVE-2008-3330
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3330
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492578
Cross-site scripting (XSS) vulnerability in
services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote
attackers to inject arbitrary web script or HTML via the contact name.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/attachments/20080728/4b86cc7e/attachment-0001.pgp
More information about the pkg-horde-hackers
mailing list