NVD

Id
42866  
Name
CVE-2012-0791  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-01-24  
Modified Date
2012-01-26  
Seq
2012-0791  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
215686 42866 CVE-2012-0791 http://www.horde.org/apps/imp/docs/CHANGES  View
215687 42866 CVE-2012-0791 http://www.horde.org/apps/imp/docs/RELEASE_NOTES  View
215688 42866 CVE-2012-0791 http://www.horde.org/apps/webmail/docs/CHANGES  View
215689 42866 CVE-2012-0791 http://www.horde.org/apps/webmail/docs/RELEASE_NOTES  View
215690 42866 CVE-2012-0791 [oss-security] 20120121 Re: Re: CVE Request -- Horde IMP -- Multiple XSS flaws  View
215691 42866 CVE-2012-0791 51586  View
215692 42866 CVE-2012-0791 1026553  View
215693 42866 CVE-2012-0791 1026554  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25488 JVNDB-2012-001195 Horde IMP および Horde Groupware Webmail Edition におけるクロスサイトスクリプティングの脆弱性 Horde IMP および Horde Groupware Webmail Edition には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-0791 54029 CVE-2012-0791 42866 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001195.html 2012-01-24 2012-01-27 View