CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2017-16907
https://notcve.org/view.php?id=CVE-2017-16907
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. En Horde Groupware 5.2.19 y 5.2.21, existe XSS mediante el campo Color en una acción Create Task List. • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/base/commit/fb2113bbcd04bd4a28c46aad0889fb0a3979a230 https://lists.debian.org/debian-lts-announce/2020/08/msg00046.html https://lists.debian.org/debian-lts-announce/2020/08/msg00047.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16908
https://notcve.org/view.php?id=CVE-2017-16908
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed. En Horde Groupware 5.2.19, existe XSS mediante el campo Name durante la creación de un nuevo recurso. Esto puede aprovecharse para ejecutar código de forma remota tras comprometer una cuenta de administrador, ya que se puede omitir el mecanismo de protección CSRF relacionado con CVE-2015-7984. • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716 https://lists.debian.org/debian-lts-announce/2020/08/msg00048.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2017-16906
https://notcve.org/view.php?id=CVE-2017-16906
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. En Horde Groupware 5.2.19-5.2.22, existe XSS mediante el campo URL en una acción "Calendar -> New Event". • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/kronolith/commit/09d90141292f9ec516a7a2007bf828ce2bbdf60d https://github.com/starnightcyber/Miscellaneous/blob/master/Horde/README.md https://lists.debian.org/debian-lts-announce/2020/08/msg00049.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2CVE-2017-15235 – Horde Groupware 5.2.21 - Unauthorized File Download
https://notcve.org/view.php?id=CVE-2017-15235
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename. El módulo File Manager (gollem) 3.0.11 en Horde Groupware 5.2.21 permite que atacantes remotos omitan la autenticación de Horde para descargas de archivos mediante un parámetro fn manipulado que corresponde al nombre de archivo exacto. • https://www.exploit-db.com/exploits/44059 https://blogs.securiteam.com/index.php/archives/3454 https://lists.debian.org/debian-lts-announce/2020/08/msg00050.html • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2017-7414
https://notcve.org/view.php?id=CVE-2017-7414
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it. En Horde_Crypt en versiones anteriores a 2.7.6, como se utiliza en Horde Groupware Webmail Edition 5.x hasta la versión 5.2.17, OS puede ocurrir si el usuario tiene activadas las características de PGP en las preferencias del usuario y ha activado la preferencia "¿Deberían verificarse automáticamente los mensajes firmados de PGP cuando se visualizan?". Para aprovechar esta vulnerabilidad, un atacante puede enviar un correo electrónico firmado por PGP (que se ha creado de manera malintencionada) al usuario de la Horda, que debe verlo o visualizarlo. • https://lists.debian.org/debian-lts-announce/2018/06/msg00006.html https://lists.horde.org/archives/horde/Week-of-Mon-20170403/056767.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •