Debian Php-Horde-Core vulnerabilities
2 known vulnerabilities affecting debian/php-horde-core.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-16907MEDIUMCVSS 5.4fixed in php-horde 5.2.18+debian0-1 (bookworm)2017
CVE-2017-16907 [MEDIUM] CVE-2017-16907: php-horde - In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Crea...
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
Scope: local
bookworm: resolved (fixed in 5.2.18+debian0-1)
bullseye: resolved (fixed in 5.2.18+debian0-1)
sid: resolved (fixed in 5.2.18+debian0-1)
debian
CVE-2015-8807MEDIUMCVSS 6.1fixed in php-horde-core 2.22.4+debian0-1 (bookworm)2015
CVE-2015-8807 [MEDIUM] CVE-2015-8807: php-horde-core - Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function ...
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving numeric form fields.
Scope: local
bookworm: resolv
debian