cbcvebase.
CVE-2013-6365
published 2019-11-05

CVE-2013-6365: Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions

PriorityP431medium5.3CVSS 3.1
AVNACHPRNUIRSUCNIHAN
EXPLOIT
EPSS
1.07%
60.7th percentile
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions

Affected

8 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debiandebian_linux
debianphp-horde< php-horde 5.1.5+debian0-1 (bookworm)php-horde 5.1.5+debian0-1 (bookworm)
debianphp-horde-kronolith< php-horde 5.1.5+debian0-1 (bookworm)php-horde 5.1.5+debian0-1 (bookworm)
hordegroupware
opensuseopensuse
opensuseopensuse

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.02.6LOWAV:N/AC:H/Au:N/C:N/I:P/A:N
osv5.3MEDIUM
vendor_debian5.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.