18 results (0.003 seconds)

CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 1

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects. Horde Groupware Webmail Edition versiones hasta 5.2.22, permite un ataque de inyección de reflexión mediante el cual un atacante puede instanciar una clase de controlador. Esto conlleva a una deserialización arbitraria de objetos PHP • https://blog.sonarsource.com/horde-webmail-rce-via-email https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html https://www.horde.org/apps/webmail • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') CWE-502: Deserialization of Untrusted Data •

CVSS: 6.1EPSS: 3%CPEs: 2EXPL: 3

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses. Se detectó un problema de tipo XSS en Horde Groupware Webmail Edition versiones hasta 5.2.22 (donde es usada la biblioteca Horde_Text_Filter versiones anteriores a 2.3.7). El atacante puede enviar un mensaje de correo electrónico de texto plano, con JavaScript codificado como un enlace o correo electrónico que es manejado apropiadamente por la función preProcess en el archivo Text2html.php, porque el uso personalizado de \x00\x00\x00 y \x01\x01\x01 interfiere con las defensas de XSS Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library. • https://www.exploit-db.com/exploits/49769 http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html https://github.com/horde/webmail/releases https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html https://lists.horde.org/archives/announce/2021/001298.html https://www.alexbirnberg.com/horde-xss.html https://www.horde.org/apps/webmail • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL. La funcionalidad image view en Horde Groupware Webmail Edition versiones anteriores a 5.2.22, está afectada por una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenada por medio de una carga de imagen SVG que contiene una carga útil de JavaScript. Un atacante puede obtener acceso a una cuenta de correo web de una víctima al hacer que visite una URL maliciosa. • https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html https://lists.horde.org/archives/announce/2020/001290.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 6

Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI. Horde Groupware Webmail Edition hasta la versión 5.2.22 permite XSS a través de admin / user.php? • https://bugs.horde.org/ticket/14926 https://cxsecurity.com/issue/WLB-2019050199 https://numanozdemir.com/respdisc/horde/horde.mp4 https://numanozdemir.com/respdisc/horde/horde.txt https://packetstormsecurity.com/files/152975/Horde-Webmail-5.2.22-XSS-CSRF-SQL-Injection-Code-Execution.html https://www.exploit-db.com/exploits/46903 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 6%CPEs: 1EXPL: 6

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload. Horde Trean, como se utiliza en Horde Groupware Webmail Edition a través de 5.2.22 y otros productos, permite CSRF, como lo demuestra el parámetro treanBookmarkTags al trean / URI en un servidor de correo web. NOTA: treanBookmarkTags podría, por ejemplo, ser una carga útil XSS almacenada. Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. • https://bugs.horde.org/ticket/14926 https://cxsecurity.com/issue/WLB-2019050199 https://exchange.xforce.ibmcloud.com/vulnerabilities/161333 https://lists.debian.org/debian-lts-announce/2019/12/msg00015.html https://numanozdemir.com/respdisc/horde/horde.mp4 https://numanozdemir.com/respdisc/horde/horde.txt https://packetstormsecurity.com/files/152975/Horde-Webmail-5.2.22-XSS-CSRF-SQL-Injection-Code-Execution.html https://www.exploit-db.com/exploits/46903 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •