QwikSec

Security Database

CVE

CWE

Training

CVE-2008-4182

Published: Sep 23, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in imp/test.php in Horde Turba Contact Manager H3 2.2.1 and other versions before 2.3.1, and possibly other Horde Project products, allows remote attackers to inject arbitrary web script or HTML via the User field in an IMAP session.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

turba-contact-test-xss(45131)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

[announce] 20081210 Turba 2.3.1 (final)

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

http://packetstormsecurity.org/0809-exploits/turba-xss.txt

x_refsource_MISC

SUSE-SR:2008:026

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.