oss-sec mailing list archives
Re: CVE id request: horde3/turba2
From: "Steven M. Christey" <coley () linus mitre org>
Date: Sun, 27 Jul 2008 17:57:05 -0400 (EDT)
====================================================== Name: CVE-2008-3330 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3330 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492578 Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name.
Current thread:
- CVE id request: horde3/turba2 Nico Golde (Jul 27)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 27)
- Re: CVE id request: horde3/turba2 Tomas Hoger (Jul 28)
- Re: CVE id request: horde3/turba2 Nico Golde (Jul 28)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 28)
- Re: CVE id request: horde3/turba2 Tomas Hoger (Jul 28)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 27)