Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to xplorer/gollem/manager.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: debian
Published: 2016-04-13T16:00:00
Updated: 2016-04-13T15:57:01
Reserved: 2016-02-06T00:00:00
Link: CVE-2016-2228
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-04-13T16:59:12.207
Modified: 2019-06-18T16:29:44.233
Link: CVE-2016-2228
JSON object: View
Redhat Information
No data.
CWE