Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages".
References
Link | Resource |
---|---|
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.207.2.109&r2=1.207.2.111&ty=h | Patch |
http://lists.horde.org/archives/announce/2005/000231.html | |
http://secunia.com/advisories/17468 | Patch Vendor Advisory |
http://secunia.com/advisories/17702 | Patch Vendor Advisory |
http://secunia.com/advisories/17794 | Patch Vendor Advisory |
http://www.debian.org/security/2005/dsa-914 | Patch Vendor Advisory |
http://www.gentoo.org/security/en/glsa/glsa-200511-20.xml | Patch Vendor Advisory |
http://www.securityfocus.com/bid/15409 | Patch |
http://www.vupen.com/english/advisories/2005/2403 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-16T07:37:00
Updated: 2005-11-30T10:00:00
Reserved: 2005-11-16T00:00:00
Link: CVE-2005-3570
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-11-16T07:42:00.000
Modified: 2011-05-19T04:00:00.000
Link: CVE-2005-3570
JSON object: View
Redhat Information
No data.
CWE