CVE-2005-1322

Published: May 2, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

Affected (2)

Products: Horde: Nag

Horde

1 product

Nag

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Horde Nag	Version 1.1.1
Horde Nag	Version 1.1.2

References (6)

http://cvs.horde.org/diff.php/nag/docs/CHANGES?r1=1.54.2.33&r2=1.54.2.35&ty=h

Source: cve@mitre.org

http://lists.horde.org/archives/nag/Week-of-Mon-20050418/000756.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/15079

Source: cve@mitre.org

Vendor Advisory

http://cvs.horde.org/diff.php/nag/docs/CHANGES?r1=1.54.2.33&r2=1.54.2.35&ty=h

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.horde.org/archives/nag/Week-of-Mon-20050418/000756.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/15079

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.