Vulnerabilities > Horde > Groupware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-28 | CVE-2022-30287 | Unsafe Reflection vulnerability in multiple products Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. | 8.0 |
2012-09-25 | CVE-2012-0209 | Code Injection vulnerability in Horde Groupware and Horde Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code. | 7.5 |