SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Paid content will be excluded from the download.

Download | Alert*

OVAL

CVE-2017-16906 -- php-horde-kronolith

ID: oval:org.secpod.oval:def:1901773	Date: (C)2019-04-03 (M)2023-12-20
Class: VULNERABILITY	Family: unix

In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.

Platform:

Ubuntu 16.04

Ubuntu 18.10

Ubuntu 14.04

Ubuntu 18.04

Product:

php-horde-kronolith

Reference:

CVE-2017-16906

CVE 1

CPE 5