← Back

CVE-2005-4191

nvd nist
Published: Dec 13, 2005Modified: Apr 16, 2026

JSON object

Loading...
3.5
Vector
AV:N/AC:M/Au:S/C:N/I:P/A:N
Exploitability: 6.8 / Impact: 2.9
Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist.

Affected (8)

Horde
1 product
Nag Task List Manager H3
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Horde
Nag Task List Manager H3
Version 1.1.1
Nag Task List Manager H3
Version 1.1.2
Nag Task List Manager H3
Version 1.1.3
Nag Task List Manager H3
Version 1.1
Nag Task List Manager H3
Version 2.0.1
Nag Task List Manager H3
Version 2.0.2
Nag Task List Manager H3
Version 2.0.3
Nag Task List Manager H3
Version 2.0

References (12)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.