Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php in Horde 3.1.x prior to 3.1.9 and 3.2.x prior to 3.2.2 and (2) externalinput.php in Popoon r22196 and previous versions allows remote malicious users to inject arbitrary web script or HTML by using / (slash) characters as replacements for spaces in an HTML e-mail message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
horde horde 3.2 |
||
horde horde 3.1.6 |
||
horde horde 3.1.8 |
||
popoon popoon |
||
horde horde 3.2.1 |
||
horde horde 3.1.2 |
||
horde horde 3.1.1 |
||
horde horde 3.1.7 |
||
horde horde 3.1.5 |
||
horde horde 3.1.4 |
||
horde horde 3.1.3 |