CVE-2022-26874MEDIUMCVSS 5.4fixed in php-horde-mime-viewer 2.2.4+debian0-1 (bookworm)2022
CVE-2022-26874 [MEDIUM] CVE-2022-26874: php-horde-mime-viewer - lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via a...
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
Scope: local
bookworm: resolved (fixed in 2.2.4+debian0-1)
bullseye: resolved (fixed in 2.2.4+debian0-2~deb11u1)
sid: resolved (fixed in 2.2.4+debian0-
debian