Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2012-0909

CVE information

Published

12 years ago

Last Modified

12 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Share

Description

Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from third party information..

CVSSv2.0 Score

Severity
Medium
Base Score
4.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:horde:groupware_webmail_edition:1.1.5:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0:rc2:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.1:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0.1:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.2:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc3:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.8:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.5:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.4:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.7:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1.6:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.3:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0.3:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.8:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.5:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.7:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc2:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.1:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0.2:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.2:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1.1:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.6:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0:rc1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.3:rc1:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.10:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0:rc1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1.3:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2:rc1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1.4:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1:rc4:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0.4:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.9:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.1.2:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.0.4:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.3:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2.6:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:1.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:horde:groupware_webmail_edition:4.0:rc2:*:*:*:*:*:
  Yes
- -

References