CVE-2008-3650

Published: Aug 13, 2008Modified: Apr 23, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.

Affected (9)

Products: Horde: Groupware Webmail Edition

Horde

1 product

Groupware Webmail Edition

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Horde Groupware Webmail Edition	Version 1.0.1
Horde Groupware Webmail Edition	Version 1.0.2
Horde Groupware Webmail Edition	Version 1.0.3
Horde Groupware Webmail Edition	Version 1.0.4
Horde Groupware Webmail Edition	Version 1.0.5
Horde Groupware Webmail Edition	Version 1.0.6
Horde Groupware Webmail Edition	Version 1.0.7
Horde Groupware Webmail Edition	Version 1.0
Horde Groupware Webmail Edition	Version 1.1

References (4)

http://lists.horde.org/archives/announce/2008/000420.html

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/44479

Source: cve@mitre.org

http://lists.horde.org/archives/announce/2008/000420.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/44479

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.