CVE-2006-2195 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2195
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2195

Description: Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/27168 SUSE http://www.novell.com/linux/security/advisories/2006_16_sr.html ST 1016310 SAID Secunia Advisory: SA20672 Secunia Advisory: SA20750 Secunia Advisory: SA20849 Secunia Advisory: SA20661 Secunia Advisory: SA20960 OSVDB 26513 26514 MISC http://overlays.gentoo.org/dev/chtekk/browser/horde/www-apps/horde/files/horde-3.1.1-xss.diff?rev=4&format=txt GENTOO http://www.gentoo.org/security/en/glsa/glsa-200606-28.xml DEBIAN http://www.debian.org/security/2006/dsa-1098 http://www.debian.org/security/2006/dsa-1099 CONFIRM http://cvs.horde.org/diff.php?f=horde%2Ftest.php&r1=1.145&r2=1.146 http://cvs.horde.org/diff.php?r1=2.25&r2=2.26&f=horde%2Ftemplates%2Fproblem%2Fproblem.inc http://bugs.gentoo.org/show_bug.cgi?id=136830 BID 18436

Return to the previous page.