CVE-2021-26929
published 2021-02-14CVE-2021-26929: An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send…
PriorityP341medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
4.94%
91.1th percentile
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | php-horde-text-filter | < php-horde-text-filter 2.3.7-1 (bookworm) | php-horde-text-filter 2.3.7-1 (bookworm) |
| horde | groupware | <= 5.2.22 | — |
| linux | linux_kernel | >= 0 < 6.1.85-1 | 6.1.85-1 |
| linux | linux_kernel | >= 0 < 6.7.12-1 | 6.7.12-1 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.1MEDIUM
vendor_debian6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2021-26929: php-horde-text-filter - An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (w...
vendor_debian·2021·CVSS 6.1
CVE-2021-26929 [MEDIUM] CVE-2021-26929: php-horde-text-filter - An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (w...
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
Scope: local
bookworm: resolved (fixed in 2.3.7-1)
bullseye: resolved (fixed in 2.3.7-1)
sid: resolved (fixed in 2.3.7-1)
OSV
linux-raspi-5.4 vulnerabilities
osv·2024-09-02·CVSS 5.5
CVE-2024-24860 linux-raspi-5.4 vulnerabilities
linux-raspi-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
linux-aws-5.4 vulnerabilities
osv·2024-08-26·CVSS 5.5
CVE-2024-24860 linux-aws-5.4 vulnerabilities
linux-aws-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
linux-azure-5.4 vulnerabilities
osv·2024-08-23·CVSS 5.5
CVE-2024-24860 linux-azure-5.4 vulnerabilities
linux-azure-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
CVE-2024-26929: In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix double free of fcport
The server was crashing after LOGO beca
osv·2024-05-01
CVE-2024-26929 CVE-2024-26929: In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix double free of fcport
The server was crashing after LOGO beca
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix double free of fcport
The server was crashing after LOGO because fcport was getting freed twice.
-----------[ cut here ]-----------
kernel BUG at mm/slub.c:371!
invalid opcode: 0000 1 SMP PTI
CPU: 35 PID: 4610 Comm: bash Kdump: loaded Tainted: G OE --------- - - 4.18.0-425.3.1.el8.x86_64 #1
Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021
RIP: 0010:set_freepointer.part.57+0x0/0x10
RSP: 0018:ffffb07107027d90 EFLAGS: 00010246
RAX: ffff9cb7e3150000 RBX: ffff9cb7e332b9c0 RCX: ffff9cb7e3150400
RDX: 0000000000001f37 RSI: 0000000000000000 RDI: ffff9cb7c0005500
RBP: fffff693448c5400 R08: 0000000080000000 R09: 0000000000000009
R10: 0000000000000000 R11: 0000000000132af0 R12: ff
GHSA
GHSA-qc5g-54hm-vfmc: An XSS issue was discovered in Horde Groupware Webmail Edition through 5
ghsa_unreviewed·2022-05-24
CVE-2021-26929 [MEDIUM] CWE-79 GHSA-qc5g-54hm-vfmc: An XSS issue was discovered in Horde Groupware Webmail Edition through 5
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
OSV
CVE-2021-26929: An XSS issue was discovered in Horde Groupware Webmail Edition through 5
osv·2021-02-14·CVSS 6.1
CVE-2021-26929 [MEDIUM] CVE-2021-26929: An XSS issue was discovered in Horde Groupware Webmail Edition through 5
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.htmlhttps://github.com/horde/webmail/releaseshttps://lists.debian.org/debian-lts-announce/2021/02/msg00028.htmlhttps://lists.horde.org/archives/announce/2021/001298.htmlhttps://www.alexbirnberg.com/horde-xss.htmlhttps://www.horde.org/apps/webmailhttp://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.htmlhttps://github.com/horde/webmail/releaseshttps://lists.debian.org/debian-lts-announce/2021/02/msg00028.htmlhttps://lists.horde.org/archives/announce/2021/001298.htmlhttps://www.alexbirnberg.com/horde-xss.htmlhttps://www.horde.org/apps/webmail
2021-02-14
Published