CVE-2008-3824
Published Sep 12, 2008
Last updated 6 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php in Horde 3.1.x before 3.1.9 and 3.2.x before 3.2.2 and (2) externalinput.php in Popoon r22196 and earlier allows remote attackers to inject arbitrary web script or HTML by using / (slash) characters as replacements for spaces in an HTML e-mail message.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:horde:horde:3.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57AD38FB-23DF-406D-8889-E9EB18D22C57"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35BECCFA-1E18-41ED-882A-5C743D970EC0"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0285D4F-8CD8-48F9-9D68-A80E8742BAC8"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3808FD9-126C-422F-AFE4-4FF6E1366431"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96A4F9E2-7978-4C82-9BD3-B6B73C4918E1"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93944D77-B65B-48F4-9334-8FC9B1D96F53"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48EBB869-87FB-4BFE-A177-2404B22B1997"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C507CA47-E346-4EA7-BEDA-052041D724E6"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "457276C8-6665-48C5-948C-E65E6309C0ED"
},
{
"criteria": "cpe:2.3:a:horde:horde:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49101F2D-3347-40BC-A1F6-AD95A8F2A013"
},
{
"criteria": "cpe:2.3:a:popoon:popoon:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6125A018-C255-4844-ABBA-A67F828FDF0B",
"versionEndIncluding": "r22196"
}
],
"operator": "OR"
}
]
}
]