mailing list archives
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php
From: Josh Bressers <bressers () redhat com>
Date: Fri, 1 Oct 2010 16:05:12 -0400 (EDT)
----- "Alex Legler" <a3li () gentoo org> wrote:
From that link:
* Fixed an XSS vulnerability in util/icon_browser.php.
CVE-2010-3077. Also fixed in Horde Application Framework 3.3.9.
* Fixed an XSS vulnerability in the Fetchmail configuration.
CVE n/a. Also fixed in Horde IMP 4.3.8
* Fixed an XSS vulnerability when showing mailbox names.
CVE n/a. Also fixed in Horde DIMP 1.1.5
* Protected preference forms against CSRF attacks.
CVE n/a. Also fixed in Horde Application Framework 3.3.9.
I think this is everything else. Let me know if I've missed something.
- Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Josh Bressers (Oct 01)