CVE-2008-3330

CVE-2008-3330

EPSS 1.3%

Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492578 http://secunia.com/advisories/34609 https://exchange.xforce.ibmcloud.com/vulnerabilities/44198 http://www.securityfocus.com/bid/29745 http://www.securitytracker.com/id?1020566 http://www.securitytracker.com/id?1020567