What is the severity of CVE-2016-5303?

CVE-2016-5303 has a moderate severity rating due to its potential impact from cross-site scripting attacks.

How do I fix CVE-2016-5303?

To fix CVE-2016-5303, upgrade to Horde Groupware and Horde Groupware Webmail Edition version 5.2.16 or later.

What types of attacks are possible with CVE-2016-5303?

CVE-2016-5303 allows remote attackers to inject arbitrary web script or HTML through specially crafted content.

Is CVE-2016-5303 a common vulnerability?

CVE-2016-5303 is a known vulnerability that can be exploited in environments using vulnerable versions of Horde.

Vulnerability/
CVE-2016-5303

medium

6.1

CWE

20/12/2016

6/8/2024

CVE-2016-5303: XSS

First published: Tue Dec 20 2016(Updated: )

Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form (1) action or (2) xlink attribute.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Horde Groupware Webmail Edition	=5.2.15
Horde Groupware Webmail Edition	=5.2.15

Remedy

https://github.com/horde/horde/commit/30d5506c20d26efbb9942fbdc6f981a0bd333b97

Remedy

https://github.com/horde/horde/commit/4d8176d1e9ef5cbd2b3fcacd9b9a4c8e482fb424

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-5303?
CVE-2016-5303 has a moderate severity rating due to its potential impact from cross-site scripting attacks.
How do I fix CVE-2016-5303?
To fix CVE-2016-5303, upgrade to Horde Groupware and Horde Groupware Webmail Edition version 5.2.16 or later.
What types of attacks are possible with CVE-2016-5303?
CVE-2016-5303 allows remote attackers to inject arbitrary web script or HTML through specially crafted content.
Which versions of Horde Groupware are affected by CVE-2016-5303?
CVE-2016-5303 affects Horde Groupware and Horde Groupware Webmail Edition versions before 5.2.16.
Is CVE-2016-5303 a common vulnerability?
CVE-2016-5303 is a known vulnerability that can be exploited in environments using vulnerable versions of Horde.

agent/type
agent/softwarecombine
agent/remedy
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/last-modified-date
agent/severity
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
vendor/horde
canonical/horde groupware webmail edition
version/horde groupware webmail edition/5.2.15

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2016-5303: XSS

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-5303?

How do I fix CVE-2016-5303?

What types of attacks are possible with CVE-2016-5303?

Which versions of Horde Groupware are affected by CVE-2016-5303?

Is CVE-2016-5303 a common vulnerability?

Company

Resources

Contact