Vulnerabilities > Horde > Groupware Webmail Edition > 1.0.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-01-24 | CVE-2012-0909 | Cross-Site Scripting vulnerability in Horde Groupware Webmail Edition Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. | 4.3 |
2008-08-13 | CVE-2008-3650 | Cross-Site Scripting vulnerability in Groupware Webmail Edition Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view. | 9.0 |