Horde Multiple Cross-Site Scripting Vulnerabilities
BID:12255
Info
| Bugtraq ID: | 12255 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 13 2005 12:00AM |
| Updated: | Jan 13 2005 12:00AM |
| Credit: | "Hyperdose Security" is credited with the discovery of this issue. |
| Vulnerable: | Horde Project Horde 3.0 |
| Not Vulnerable: | Horde Project Horde 3.0.2, Horde Project Horde 3.0.1 |
Discussion
Multiple cross-site scripting vulnerabilities affect Horde. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Exploit / POC
No exploit is required to leverage these issues. The following proofs of concept have been provided:
http://www.example.com/prefs.php?group=columns"><script>alert(document.domain)</script>&app=turba
http://www.example.com/index.php?url=http%3A%2F%2Fserver.com%2Findex.php"%20onload="javascript:alert(document.domain)"&frameset=0
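Both proofs of concept break out of a double-quoted attribute with a stray `"`, which is why they look the way they do. The following Python script is an added example, not code from the advisory or from the Horde project: it feeds the two PoC URLs through an assumed hidden-input template (a stand-in for whatever markup Horde actually echoed the parameters into) and tokenizes the result the way a browser would, first with the raw value and then with attribute-context escaping applied.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlparse

# Constructed from the two PoC URLs in the advisory; www.example.com is the advisory's placeholder host.
POC_REQUESTS = [
    'http://www.example.com/prefs.php?group=columns"><script>alert(document.domain)</script>&app=turba',
    'http://www.example.com/index.php?url=http%3A%2F%2Fserver.com%2Findex.php"%20onload="javascript:alert(document.domain)"&frameset=0',
]

class TagCollector(HTMLParser):
    """Records each start tag with its attributes, roughly as a browser tokenizes the page."""
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

def parse_tags(markup):
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags

def reflect(request_url, param, escape):
    """Reflect one query parameter into a double-quoted attribute value.
    The hidden-input template is an assumed stand-in for Horde's real markup; parse_qs
    URL-decodes the value as PHP's $_GET does, so %20 and the quote arrive as raw characters."""
    value = parse_qs(urlparse(request_url).query)[param][0]
    if escape:
        # Attribute context: quote=True turns '"' into &quot; so the value cannot close the attribute.
        value = html.escape(value, quote=True)
    return '<input type="hidden" name="%s" value="%s">' % (param, value)

def injected(markup):
    """Return (tags the template never emitted, event-handler attribute names) found in the markup."""
    tags = parse_tags(markup)
    extra_tags = [tag for tag, _ in tags if tag != 'input']
    handlers = [name for _, attrs in tags for name in attrs if name.startswith('on')]
    return extra_tags, handlers

if __name__ == '__main__':
    for url, param in ((POC_REQUESTS[0], 'group'), (POC_REQUESTS[1], 'url')):
        print(param, 'raw:', injected(reflect(url, param, escape=False)),
              'escaped:', injected(reflect(url, param, escape=True)))
```

With escaping, the parser sees a single `input` tag whose `value` attribute holds the payload verbatim as inert text; without it, the first PoC yields an extra `script` tag and the second an `onload` handler.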
Solution / Fix
Solution:
The vendor has released an upgrade dealing with these issues.
Horde Project Horde 3.0:
- Horde Horde 3.0.2
  http://ftp.horde.org/pub/horde/horde-3.0.2.tar.gz
References
References:
- [announce] Horde 3.0.2 (final) (Horde Project)
- Pandora Homepage (Pandora FMS Team)
- Cross Site Scripting holes found in Horde 3.0 ("Hyperdose Security")