QwikSec

Security Database

CVE

CWE

Training

CVE-2016-6191

Published: Feb 17, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL, or (4) Title field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160709 Re: CVE request: several SOGo issues (DOS, XSS, information leakage)

mailing-list

x_refsource_MLIST

https://github.com/inverse-inc/sogo/commit/64ce3c9c22fd9a28caabf11e76216cd53d0245aa

x_refsource_CONFIRM

https://sogo.nu/bugs/view.php?id=3718

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.