QwikSec

Security Database

CVE

CWE

Training

CVE-2005-4192

Published: Dec 13, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[horde-announce] 20051211 Mnemo H3 (2.0.3) (final)

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

http://www.sec-consult.com/245.html

x_refsource_MISC

http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.