Vulnerabilities > Horde > Groupware > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2013-6365 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions | 2.6 |
| 2017-11-20 | CVE-2017-16906 | Cross-site Scripting vulnerability in Horde Groupware In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. | 3.5 |
| 2017-11-20 | CVE-2017-16907 | Cross-site Scripting vulnerability in Horde Groupware 5.2.19/5.2.21 In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. | 3.5 |
| 2017-11-20 | CVE-2017-16908 | Cross-site Scripting vulnerability in Horde Groupware 5.2.19 In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. | 3.5 |