Known Vulnerabilities for Content by Horde
Listed below are 10 of the newest known vulnerabilities associated with "Content" by "Horde".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-35057 | XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting (XSS) in structured text mentions, prima... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-35055 | XenForo before 2.3.9 and before 2.2.18 is vulnerable to cross-site scripting (XSS) related to lightbox usage in posts. An att... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-35054 | XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS) related to BB code rendering. An attacker can inject ... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-34973 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages() method in phpmyfaq/src/phpMyF... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34831 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-L... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34829 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps ... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34827 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Mul... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34786 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evalu... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34751 | Payload is a free and open source headless content management system. Prior to version 3.79.1 in @payloadcms/graphql and payl... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-34750 | Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @... | Not Provided | 2026-04-01 | 2026-04-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Horde | Content | 2.0.6 | All | All | All |
| Application | Horde | Content | 2.0.5 | All | All | All |
| Application | Horde | Content | 2.0.4 | All | All | All |
| Application | Horde | Content | 2.0.3 | All | All | All |
| Application | Horde | Content | 2.0.2 | All | All | All |
| Application | Horde | Content | 2.0.1 | All | All | All |
| Application | Horde | Content | 2.0.0 | - | All | All |
| Application | Horde | Content | 2.0.0 | beta1 | All | All |
| Application | Horde | Content | 1.0.3 | All | All | All |
| Application | Horde | Content | 1.0.2 | All | All | All |
| Application | Horde | Content | 1.0.1 | All | All | All |
| Application | Horde | Content | 1.0.0 | - | All | All |
| Application | Horde | Content | 1.0.0 | alpha1 | All | All |
| Application | Horde | Content | 1.0.0 | beta1 | All | All |
| Application | Horde | Content | 1.0.0 | rc1 | All | All |
| Application | Horde | Content | 1.0.0 | rc2 | All | All |