lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer prior to 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
horde horde mime viewer |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |