Download
| Alert*
oval:org.secpod.oval:def:704862
php-horde-kronolith is installed oval:org.secpod.oval:def:108072 php-horde-kronolith is installed oval:org.secpod.oval:def:1902121 In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed. oval:org.secpod.oval:def:2000703 In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed. oval:org.secpod.oval:def:108071 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:108214 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:113006 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:113017 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:115195 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:115198 Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management , free/busy management, resource management, alarms, recurring eve ... oval:org.secpod.oval:def:1901773 In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. oval:org.secpod.oval:def:2001567 In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. |