CVE-2006-2195

Published: Jun 15, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://cvs.horde.org/diff.php?f=horde%2Ftest.php&r1=1.145&r2=1.146

x_refsource_CONFIRM

horde-test-problem-xss(27168)

vdb-entry

x_refsource_XF

20750

third-party-advisory

x_refsource_SECUNIA

http://overlays.gentoo.org/dev/chtekk/browser/horde/www-apps/horde/files/horde-3.1.1-xss.diff?rev=4&format=txt

x_refsource_MISC

http://cvs.horde.org/diff.php?r1=2.25&r2=2.26&f=horde%2Ftemplates%2Fproblem%2Fproblem.inc

x_refsource_CONFIRM

1016310

vdb-entry

x_refsource_SECTRACK

DSA-1098

vendor-advisory

x_refsource_DEBIAN

20672

third-party-advisory

x_refsource_SECUNIA

DSA-1099

vendor-advisory

x_refsource_DEBIAN

20849

third-party-advisory

x_refsource_SECUNIA

26514

vdb-entry

x_refsource_OSVDB

http://bugs.gentoo.org/show_bug.cgi?id=136830

x_refsource_CONFIRM

20661

third-party-advisory

x_refsource_SECUNIA

26513

vdb-entry

x_refsource_OSVDB

SUSE-SR:2006:016

vendor-advisory

x_refsource_SUSE

ADV-2006-2356

vdb-entry

x_refsource_VUPEN

GLSA-200606-28

vendor-advisory

x_refsource_GENTOO

20960

third-party-advisory

x_refsource_SECUNIA

18436

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-2195

Description

Affected Products

References