DescriptionMultiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE LINUX 10.0|| |
|SUSE LINUX 9.3|| |