CVE-2008-3650

Published Aug 13, 2008

Last updated 8 years ago

CVSS info 9.0

Overview

Description: Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A30F59C-D09A-495D-B5E5-E908D913164E"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E367E84-DD66-4512-BCDE-7D7E62B72A13"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B013D26B-BE67-4131-B320-EF87D19E9C67"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "664B0D12-607C-4B5F-AC8E-FB1BBD1332E7"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "989D5040-13B3-4D76-A516-81CAB112FE44"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA0765C9-BBFB-4676-9D79-0CFD86BCF9E7"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "842159D1-E30C-4077-8E92-07979E52C10B"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81D9B15F-C3CA-44DF-BF5E-51741793348B"
          },
          {
            "criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46ADF628-449A-463E-A459-69FD9DB2ADAD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References