HIGH🇵🇱 Wersja polska

CVE-2008-3650

CVSS 9.0v2.0pub. 2008-08-13upd. 2026-04-23

Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.

CVSS Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
  • Horde Groupware Webmail Edition

    APP
    Horde
    1.01.0.11.0.21.0.31.0.41.0.51.0.61.0.71.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2008-7218HIGH10.0ten sam produkt

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba ...

CVE-2008-7219HIGH10.0ten sam produkt

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mn...

CVE-2012-0909MEDIUM4.3ten sam produkt

Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows ...

CVE-2012-0791MEDIUM4.3ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edi...

CVE-2008-2783MEDIUM4.3ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronoli...