Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 prior to 3.0.17, as used in Horde Groupware Webmail Edition prior to 4.0.8, allow remote malicious users to inject arbitrary web script or HTML via the (1) tasks view or (2) search view.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
horde kronolith h4 3.0.11 |
||
horde kronolith h4 3.0.12 |
||
horde kronolith h4 3.0.13 |
||
horde kronolith h4 3.0.14 |
||
horde kronolith h4 3.0 |
||
horde kronolith h4 3.0.1 |
||
horde kronolith h4 |
||
horde kronolith h4 3.0.3 |
||
horde kronolith h4 3.0.8 |
||
horde kronolith h4 3.0.4 |
||
horde kronolith h4 3.0.5 |
||
horde kronolith h4 3.0.6 |
||
horde kronolith h4 3.0.7 |
||
horde kronolith h4 3.0.10 |
||
horde kronolith h4 3.0.15 |
||
horde kronolith h4 3.0.2 |
||
horde kronolith h4 3.0.9 |
||
horde groupware 4.0.6 |
||
horde groupware 4.0.5 |
||
horde groupware 4.0.4 |
||
horde groupware 4.0.3 |
||
horde groupware 4.0.1 |
||
horde groupware 4.0 |
||
horde groupware |
||
horde groupware 4.0.2 |
Vulmon