[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2020-8035 -- php-horde

ID: oval:org.secpod.oval:def:2004214Date: (C)2020-10-08   (M)2021-06-02
Class: VULNERABILITYFamily: unix




The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim"s webmail account by making them visit a malicious URL.

Platform:
Debian 10.x
Debian 9.x
Product:
php-horde
Reference:
CVE-2020-8035
CVE    1
CVE-2020-8035
CPE    3
cpe:/o:debian:debian_linux:10.x
cpe:/o:debian:debian_linux:9.x
cpe:/a:php:php-horde

© SecPod Technologies