What is the severity of CVE-2008-6746?

CVE-2008-6746 has a medium severity rating due to its ability to allow remote attackers to execute arbitrary scripts via XSS.

How do I fix CVE-2008-6746?

To fix CVE-2008-6746, upgrade to Turba Contact Manager H3 version 2.2.1 or later, where this issue has been resolved.

Which versions are affected by CVE-2008-6746?

CVE-2008-6746 affects Turba Contact Manager H3 versions prior to 2.2.1, including various 2.0, 1.2, and 0.0 versions.

What type of vulnerability is CVE-2008-6746?

CVE-2008-6746 is a Cross-Site Scripting (XSS) vulnerability that allows for the injection of arbitrary HTML or script.

Who is impacted by CVE-2008-6746?

Any users or administrators of the affected versions of Turba Contact Manager H3 are at risk of exploitation from this vulnerability.

Vulnerability/
CVE-2008-6746

medium

4.3

CWE

23/4/2009

7/8/2024

CVE-2008-6746: XSS

First published: Thu Apr 23 2009(Updated: )

Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Horde Turba Contact Manager H3	<=2.2
Horde Turba Contact Manager H3	=0.0.1
Horde Turba Contact Manager H3	=0.0.2
Horde Turba Contact Manager H3	=0.0.3
Horde Turba Contact Manager H3	=1.0
Horde Turba Contact Manager H3	=1.0-rc4
Horde Turba Contact Manager H3	=1.1
Horde Turba Contact Manager H3	=1.2
Horde Turba Contact Manager H3	=1.2.1
Horde Turba Contact Manager H3	=1.2.2
Horde Turba Contact Manager H3	=1.2.3
Horde Turba Contact Manager H3	=1.2.4
Horde Turba Contact Manager H3	=1.2.5
Horde Turba Contact Manager H3	=2.0
Horde Turba Contact Manager H3	=2.0-alpha
Horde Turba Contact Manager H3	=2.0-beta
Horde Turba Contact Manager H3	=2.0-rc1
Horde Turba Contact Manager H3	=2.0-rc2
Horde Turba Contact Manager H3	=2.0-rc3
Horde Turba Contact Manager H3	=2.0.1
Horde Turba Contact Manager H3	=2.0.1-rc1
Horde Turba Contact Manager H3	=2.0.2
Horde Turba Contact Manager H3	=2.0.3
Horde Turba Contact Manager H3	=2.0.3-rc1
Horde Turba Contact Manager H3	=2.0.4
Horde Turba Contact Manager H3	=2.0.5
Horde Turba Contact Manager H3	=2.1
Horde Turba Contact Manager H3	=2.1-rc1
Horde Turba Contact Manager H3	=2.1.1
Horde Turba Contact Manager H3	=2.1.2
Horde Turba Contact Manager H3	=2.1.3
Horde Turba Contact Manager H3	=2.1.4
Horde Turba Contact Manager H3	=2.1.5
Horde Turba Contact Manager H3	=2.1.6
Horde Turba Contact Manager H3	=2.1.7
Horde Turba Contact Manager H3	=2.2-alpha
Horde Turba Contact Manager H3	=2.2-rc1
Horde Turba Contact Manager H3	=2.2-rc2
Horde Turba Contact Manager H3	=2.2-rc3
Horde Turba Contact Manager H3	=2.2-rc4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-6746?
CVE-2008-6746 has a medium severity rating due to its ability to allow remote attackers to execute arbitrary scripts via XSS.
How do I fix CVE-2008-6746?
To fix CVE-2008-6746, upgrade to Turba Contact Manager H3 version 2.2.1 or later, where this issue has been resolved.
Which versions are affected by CVE-2008-6746?
CVE-2008-6746 affects Turba Contact Manager H3 versions prior to 2.2.1, including various 2.0, 1.2, and 0.0 versions.
What type of vulnerability is CVE-2008-6746?
CVE-2008-6746 is a Cross-Site Scripting (XSS) vulnerability that allows for the injection of arbitrary HTML or script.
Who is impacted by CVE-2008-6746?
Any users or administrators of the affected versions of Turba Contact Manager H3 are at risk of exploitation from this vulnerability.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/weakness
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/horde
canonical/horde turba contact manager h3
version/horde turba contact manager h3/2.2
version/horde turba contact manager h3/0.0.1
version/horde turba contact manager h3/0.0.2
version/horde turba contact manager h3/0.0.3
version/horde turba contact manager h3/1.0
version/horde turba contact manager h3/1.0-rc4
version/horde turba contact manager h3/1.1
version/horde turba contact manager h3/1.2
version/horde turba contact manager h3/1.2.1
version/horde turba contact manager h3/1.2.2
version/horde turba contact manager h3/1.2.3
version/horde turba contact manager h3/1.2.4
version/horde turba contact manager h3/1.2.5
version/horde turba contact manager h3/2.0
version/horde turba contact manager h3/2.0-alpha
version/horde turba contact manager h3/2.0-beta
version/horde turba contact manager h3/2.0-rc1
version/horde turba contact manager h3/2.0-rc2
version/horde turba contact manager h3/2.0-rc3
version/horde turba contact manager h3/2.0.1
version/horde turba contact manager h3/2.0.1-rc1
version/horde turba contact manager h3/2.0.2
version/horde turba contact manager h3/2.0.3
version/horde turba contact manager h3/2.0.3-rc1
version/horde turba contact manager h3/2.0.4
version/horde turba contact manager h3/2.0.5
version/horde turba contact manager h3/2.1
version/horde turba contact manager h3/2.1-rc1
version/horde turba contact manager h3/2.1.1
version/horde turba contact manager h3/2.1.2
version/horde turba contact manager h3/2.1.3
version/horde turba contact manager h3/2.1.4
version/horde turba contact manager h3/2.1.5
version/horde turba contact manager h3/2.1.6
version/horde turba contact manager h3/2.1.7
version/horde turba contact manager h3/2.2-alpha
version/horde turba contact manager h3/2.2-rc1
version/horde turba contact manager h3/2.2-rc2
version/horde turba contact manager h3/2.2-rc3
version/horde turba contact manager h3/2.2-rc4