2
Candidate: CVE-2006-3548
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3548
6
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application
7
Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote
8
attackers to inject arbitrary web script or HTML via a (1) javascript URI
9
or an external (2) http, (3) https, or (4) ftp URI in the url parameter in
10
services/go.php (aka the dereferrer), (5) a javascript URI in the module
11
parameter in services/help (aka the help viewer), and (6) the name
12
parameter in services/problem.php (aka the problem reporting screen).
16
dapper_horde3: ignored (reached end-of-life)
17
edgy_horde3: released (3.1.3-1)
18
feisty_horde3: released (3.1.3-1)
19
gutsy_horde3: released (3.1.3-1)
20
hardy_horde3: released (3.1.3-1)
21
intrepid_horde3: released (3.1.3-1)
22
jaunty_horde3: released (3.1.3-1)
23
karmic_horde3: released (3.1.3-1)
24
devel_horde3: released (3.1.3-1)