First published: Tue Mar 17 2009(Updated: )
Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Horde | <=3.3.1 | |
Debian Horde Groupware | <=1.1.2 | |
Debian Horde | =3.2.2 | |
Debian Horde Groupware | <=1.1.4 | |
Debian Horde Groupware | <=1.1.3 | |
Debian Horde | =3.2.3 | |
Debian Horde | =3.3 | |
Debian Horde Groupware | <=1.1.1 | |
Debian Horde | <=3.3.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.