Search criteria
4 vulnerabilities found for internet_mail_program by horde
CVE-2014-4946 (GCVE-0-2014-4946)
Vulnerability from nvd – Published: 2014-07-14 14:00 – Updated: 2024-09-17 03:03
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/59772 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/59770 | third-party-advisoryx_refsource_SECUNIA |
| https://github.com/horde/horde/blob/4513649810f13… | x_refsource_CONFIRM |
| https://github.com/horde/horde/blob/c0144ac03814a… | x_refsource_CONFIRM |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:36.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-14T14:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59770"
},
{
"name": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"name": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4946",
"datePublished": "2014-07-14T14:00:00.000Z",
"dateReserved": "2014-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:03:19.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4945 (GCVE-0-2014-4945)
Vulnerability from nvd – Published: 2014-07-14 14:00 – Updated: 2024-09-17 04:14
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/59772 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/59770 | third-party-advisoryx_refsource_SECUNIA |
| https://github.com/horde/horde/blob/4513649810f13… | x_refsource_CONFIRM |
| https://github.com/horde/horde/blob/c0144ac03814a… | x_refsource_CONFIRM |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-14T14:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59770"
},
{
"name": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"name": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4945",
"datePublished": "2014-07-14T14:00:00.000Z",
"dateReserved": "2014-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:14:56.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4945 (GCVE-0-2014-4945)
Vulnerability from cvelistv5 – Published: 2014-07-14 14:00 – Updated: 2024-09-17 04:14
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/59772 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/59770 | third-party-advisoryx_refsource_SECUNIA |
| https://github.com/horde/horde/blob/4513649810f13… | x_refsource_CONFIRM |
| https://github.com/horde/horde/blob/c0144ac03814a… | x_refsource_CONFIRM |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-14T14:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59770"
},
{
"name": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"name": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4945",
"datePublished": "2014-07-14T14:00:00.000Z",
"dateReserved": "2014-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:14:56.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4946 (GCVE-0-2014-4946)
Vulnerability from cvelistv5 – Published: 2014-07-14 14:00 – Updated: 2024-09-17 03:03
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/59772 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/59770 | third-party-advisoryx_refsource_SECUNIA |
| https://github.com/horde/horde/blob/4513649810f13… | x_refsource_CONFIRM |
| https://github.com/horde/horde/blob/c0144ac03814a… | x_refsource_CONFIRM |
| http://lists.horde.org/archives/announce/2014/001… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:36.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-14T14:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59772"
},
{
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name": "59770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59770"
},
{
"name": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"name": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4946",
"datePublished": "2014-07-14T14:00:00.000Z",
"dateReserved": "2014-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:03:19.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}