CVE-2019-12095
Published 2019-10-24
CVE-2019-12095: Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to…
Priority: P3 | 36 | high | CVSS 3.1: 8.8
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 1.11% (61.9th percentile)
Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | php-horde | < php-horde 5.2.21+debian0-1 (bookworm) | php-horde 5.2.21+debian0-1 (bookworm) |
| debian | php-horde-trean | < php-horde 5.2.21+debian0-1 (bookworm) | php-horde 5.2.21+debian0-1 (bookworm) |
| horde | groupware | <= 5.2.22 | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 8.8 | HIGH | — |
Debian
CVE-2019-12095: php-horde - Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other...
vendor_debian · 2019 · CVSS 8.8 [HIGH]
Scope: local
bookworm: resolved (fixed in 5.2.21+debian0-1)
bullseye: resolved (fixed in 5.2.21+debian0-1)
sid: resolved (fixed in 5.2.21+debian0-1)
GHSA
GHSA-35fh-vqwm-xx6m: Horde Trean, as used in Horde Groupware Webmail Edition through 5
ghsa_unreviewed · 2022-05-24 [MEDIUM]
OSV
CVE-2019-12095: Horde Trean, as used in Horde Groupware Webmail Edition through 5
osv · 2019-10-24 · CVSS 8.8 [HIGH]
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://bugs.horde.org/ticket/14926
- https://cxsecurity.com/issue/WLB-2019050199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/161333
- https://lists.debian.org/debian-lts-announce/2019/12/msg00015.html
- https://numanozdemir.com/respdisc/horde/horde.mp4
- https://numanozdemir.com/respdisc/horde/horde.txt
- https://packetstormsecurity.com/files/152975/Horde-Webmail-5.2.22-XSS-CSRF-SQL-Injection-Code-Execution.html
- https://www.exploit-db.com/exploits/46903