CVE-2008-6746

Published: Apr 23, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.

Affected (40)

Products: Horde: Turba H3

Horde

1 product

Turba H3

Configuration A

40 vulnerable

Vulnerable Software	Affected Versions
Horde Turba H3	Up to 2.2
Horde Turba H3	Version 0.0.1
Horde Turba H3	Version 0.0.2
Horde Turba H3	Version 0.0.3
Horde Turba H3	Version 1.0
Horde Turba H3	Version 1.0 rc4
Horde Turba H3	Version 1.1
Horde Turba H3	Version 1.2.1
Horde Turba H3	Version 1.2.2
Horde Turba H3	Version 1.2.3
Horde Turba H3	Version 1.2.4
Horde Turba H3	Version 1.2.5
Horde Turba H3	Version 1.2
Horde Turba H3	Version 2.0.1
Horde Turba H3	Version 2.0.1 rc1
Horde Turba H3	Version 2.0.2
Horde Turba H3	Version 2.0.3
Horde Turba H3	Version 2.0.3 rc1
Horde Turba H3	Version 2.0.4
Horde Turba H3	Version 2.0.5
Horde Turba H3	Version 2.0
Horde Turba H3	Version 2.0 alpha
Horde Turba H3	Version 2.0 beta
Horde Turba H3	Version 2.0 rc1
Horde Turba H3	Version 2.0 rc2
Horde Turba H3	Version 2.0 rc3
Horde Turba H3	Version 2.1.1
Horde Turba H3	Version 2.1.2
Horde Turba H3	Version 2.1.3
Horde Turba H3	Version 2.1.4
Horde Turba H3	Version 2.1.5
Horde Turba H3	Version 2.1.6
Horde Turba H3	Version 2.1.7
Horde Turba H3	Version 2.1
Horde Turba H3	Version 2.1 rc1
Horde Turba H3	Version 2.2 alpha
Horde Turba H3	Version 2.2 rc1
Horde Turba H3	Version 2.2 rc2
Horde Turba H3	Version 2.2 rc3
Horde Turba H3	Version 2.2 rc4