CVE-2012-5565

Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted name for an attached file, related to the dynamic view.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:horde:imp:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.20:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.22:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.19:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.17:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.18:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.21:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:5.0.15:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:horde:groupware:4.0.6:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.5:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.4:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.3:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.7:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.2:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0:rc1:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:*:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0.1:*:webamail:*:*:*:*:*
cpe:2.3:a:horde:groupware:4.0:rc2:webamail:*:*:*:*:*

Information

Published : 2014-04-05 14:55

Updated : 2014-04-07 08:36


NVD link : CVE-2012-5565

Mitre link : CVE-2012-5565


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

horde

  • groupware
  • imp