{"vulnerability": "cve-2007-1679", "sightings": [{"uuid": "4b175ee3-f93b-4429-baab-e7e3ca09055c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2007-1679", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2138", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2007-1679\n\ud83d\udd39 Description: Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php and (2) ingo/rule.php. NOTE: this issue has been disputed by the vendor, noting that the search.php issue was resolved in CVE-2006-4255, and attackers can only use rule.php to inject XSS into their own pages\n\ud83d\udccf Published: 2007-03-26T23:00:00\n\ud83d\udccf Modified: 2025-01-17T14:17:13.977Z\n\ud83d\udd17 References:\n1. https://exchange.xforce.ibmcloud.com/vulnerabilities/33228\n2. http://www.securityfocus.com/archive/1/463819/100/0/threaded\n3. http://securityreason.com/securityalert/2487\n4. http://www.securityfocus.com/bid/23136\n5. http://www.securityfocus.com/archive/1/463911/100/0/threaded", "creation_timestamp": "2025-01-17T14:56:53.000000Z"}]}