CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2017-16907
https://notcve.org/view.php?id=CVE-2017-16907
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. En Horde Groupware 5.2.19 y 5.2.21, existe XSS mediante el campo Color en una acción Create Task List. • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/base/commit/fb2113bbcd04bd4a28c46aad0889fb0a3979a230 https://lists.debian.org/debian-lts-announce/2020/08/msg00046.html https://lists.debian.org/debian-lts-announce/2020/08/msg00047.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2017-16906
https://notcve.org/view.php?id=CVE-2017-16906
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. En Horde Groupware 5.2.19-5.2.22, existe XSS mediante el campo URL en una acción "Calendar -> New Event". • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/kronolith/commit/09d90141292f9ec516a7a2007bf828ce2bbdf60d https://github.com/starnightcyber/Miscellaneous/blob/master/Horde/README.md https://lists.debian.org/debian-lts-announce/2020/08/msg00049.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16908
https://notcve.org/view.php?id=CVE-2017-16908
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed. En Horde Groupware 5.2.19, existe XSS mediante el campo Name durante la creación de un nuevo recurso. Esto puede aprovecharse para ejecutar código de forma remota tras comprometer una cuenta de administrador, ya que se puede omitir el mecanismo de protección CSRF relacionado con CVE-2015-7984. • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716 https://lists.debian.org/debian-lts-announce/2020/08/msg00048.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2CVE-2017-15235 – Horde Groupware 5.2.21 - Unauthorized File Download
https://notcve.org/view.php?id=CVE-2017-15235
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename. El módulo File Manager (gollem) 3.0.11 en Horde Groupware 5.2.21 permite que atacantes remotos omitan la autenticación de Horde para descargas de archivos mediante un parámetro fn manipulado que corresponde al nombre de archivo exacto. • https://www.exploit-db.com/exploits/44059 https://blogs.securiteam.com/index.php/archives/3454 https://lists.debian.org/debian-lts-announce/2020/08/msg00050.html • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 9.0EPSS: 94%CPEs: 1EXPL: 0CVE-2017-7413
https://notcve.org/view.php?id=CVE-2017-7413
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address. En Horde_Crypt en versiones anteriores a 2.7.6, como se utiliza en Horde Groupware Webmail Edition hasta la versión 5.2.17, OS Comand Inyection puede ocurrir si el atacante es un usuario autenticado Horde Webmail, tiene características PGP habilitado en sus preferencias,e intenta cifrar un correo electrónico a una maliciosa dirección de correo electrónico manipulada. • https://lists.debian.org/debian-lts-announce/2018/06/msg00006.html https://lists.horde.org/archives/horde/Week-of-Mon-20170403/056767.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •