FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

horde -- cross-site scripting vulnerability in help window

Affected packages
horde < 2.2.7
horde-devel < 2.2.7

Details

VuXML ID ed1d404d-2784-11d9-b954-000bdb1444a4
Discovery 2004-10-06
Entry 2004-10-27

A Horde Team announcement states that a potential cross-site scripting vulnerability in the help window has been corrected. The vulnerability appears to involve the handling of the topic and module parameters of the help window template.

References

Message 20041026115303.10FBEC046E@neo.wg.de

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.