Debian Php-Horde vulnerabilities

9 known vulnerabilities affecting debian/php-horde.

Total CVEs: 9
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: HIGH 1, MEDIUM 5, LOW 3

Vulnerabilities

CVE-2020-8035 | MEDIUM | CVSS 6.1 | fixed in php-horde 5.2.23+debian0-1 (bookworm) | 2020
Description: The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
Scope: local. bookworm: resolved (fixed in 5.2.23+debian0-1); bullseye

CVE-2019-12095 | HIGH | CVSS 8.8 | fixed in php-horde 5.2.21+debian0-1 (bookworm) | 2019
Description: Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.
Scope: local. bookworm: resolved (fixed in 5.2.21+debian0-1); bullseye: resolved (fixed in 5.2.21+debian0

CVE-2019-12094 | LOW (entry label: MEDIUM) | CVSS 6.1 | 2019
Description: Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI.
Scope: local. bookworm: open; bullseye: open; sid: open

CVE-2017-16907 | MEDIUM | CVSS 5.4 | fixed in php-horde 5.2.18+debian0-1 (bookworm) | 2017
Description: In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
Scope: local. bookworm: resolved (fixed in 5.2.18+debian0-1); bullseye: resolved (fixed in 5.2.18+debian0-1); sid: resolved (fixed in 5.2.18+debian0-1)

CVE-2016-2228 | MEDIUM | CVSS 6.1 | fixed in php-horde 5.2.9+debian0-1 (bookworm) | 2016
Description: Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to xplorer/gollem/manager.php.
Scope: local. bookworm: resolved (fixed in 5.

CVE-2015-7984 | MEDIUM | CVSS 6.8 | PoC | fixed in php-horde 5.2.8+debian0-1 (bookworm) | 2015
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter t

CVE-2013-6365 | MEDIUM | CVSS 5.3 | PoC | fixed in php-horde 5.1.5+debian0-1 (bookworm) | 2013
Description: Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions.
Scope: local. bookworm: resolved (fixed in 5.1.5+debian0-1); bullseye: resolved (fixed in 5.1.5+debian0-1); sid: resolved (fixed in 5.1.5+debian0-1)

CVE-2013-6364 | LOW (entry label: HIGH) | CVSS 8.8 | PoC | fixed in php-horde-turba 4.1.3-1 (bookworm) | 2013
Description: Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book.
Scope: local. bookworm: resolved; bullseye: resolved; sid: resolved

CVE-2013-1090 | LOW (entry label: HIGH) | CVSS 7.2 | 2013
Description: The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors.
Scope: local. bookworm: resolved; bullseye: resolved; sid: resolved