Published: 20/11/2017 Updated: 29/08/2020

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
horde groupware 5.2.19

Debian Bug report logs - #909738 php-horde-kronolith: CVE-2017-16908 XSS via Name field Package: php-horde-kronolith; Maintainer for php-horde-kronolith is Horde Maintainers <team+debian-horde-team@trackerdebianorg>; Source for php-horde-kronolith is src:php-horde-kronolith (PTS, buildd, popcon) Reported by: Markus Koschan ...

Debian Bug report logs - #909737 php-horde-kronolith: CVE-2017-16906 XSS via URL field Package: php-horde-kronolith; Maintainer for php-horde-kronolith is Horde Maintainers <team+debian-horde-team@trackerdebianorg>; Source for php-horde-kronolith is src:php-horde-kronolith (PTS, buildd, popcon) Reported by: Markus Koschany ...

CWE-79 http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716 https://lists.debian.org/debian-lts-announce/2020/08/msg00048.html https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909738

CVE-2017-16908

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect