fkie_cve-2010-3077
Vulnerability from fkie_nvd
Published
2010-11-09 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter.
References
secalert@redhat.comhttp://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9Patch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html
secalert@redhat.comhttp://lists.horde.org/archives/announce/2010/000557.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://seclists.org/fulldisclosure/2010/Sep/82Exploit, Patch
secalert@redhat.comhttp://secunia.com/advisories/42140
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=630687
af854a3a-2127-422b-91ae-364da2661108http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html
af854a3a-2127-422b-91ae-364da2661108http://lists.horde.org/archives/announce/2010/000557.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2010/Sep/82Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42140
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=630687
Impacted products
Vendor Product Version
horde horde_application_framework *
horde horde_application_framework 1.0.3
horde horde_application_framework 1.1.1
horde horde_application_framework 1.3.0
horde horde_application_framework 1.3.1
horde horde_application_framework 1.3.2
horde horde_application_framework 1.3.3
horde horde_application_framework 1.3.4
horde horde_application_framework 1.3.5
horde horde_application_framework 2.0
horde horde_application_framework 2.0
horde horde_application_framework 2.0
horde horde_application_framework 2.0
horde horde_application_framework 2.1
horde horde_application_framework 2.2
horde horde_application_framework 2.2.1
horde horde_application_framework 2.2.2
horde horde_application_framework 2.2.3
horde horde_application_framework 2.2.4
horde horde_application_framework 2.2.5
horde horde_application_framework 2.2.6
horde horde_application_framework 2.2.6
horde horde_application_framework 2.2.7
horde horde_application_framework 2.2.8
horde horde_application_framework 2.2.9
horde horde_application_framework 3.0
horde horde_application_framework 3.0
horde horde_application_framework 3.0
horde horde_application_framework 3.0
horde horde_application_framework 3.0
horde horde_application_framework 3.0
horde horde_application_framework 3.0.1
horde horde_application_framework 3.0.2
horde horde_application_framework 3.0.3
horde horde_application_framework 3.0.3
horde horde_application_framework 3.0.4
horde horde_application_framework 3.0.4
horde horde_application_framework 3.0.4
horde horde_application_framework 3.0.5
horde horde_application_framework 3.0.5
horde horde_application_framework 3.0.5
horde horde_application_framework 3.0.6
horde horde_application_framework 3.0.6
horde horde_application_framework 3.0.7
horde horde_application_framework 3.0.8
horde horde_application_framework 3.0.9
horde horde_application_framework 3.0.10
horde horde_application_framework 3.0.11
horde horde_application_framework 3.0.12
horde horde_application_framework 3.1
horde horde_application_framework 3.1
horde horde_application_framework 3.1
horde horde_application_framework 3.1
horde horde_application_framework 3.1.1
horde horde_application_framework 3.1.2
horde horde_application_framework 3.1.3
horde horde_application_framework 3.1.4
horde horde_application_framework 3.1.4
horde horde_application_framework 3.1.5
horde horde_application_framework 3.1.6
horde horde_application_framework 3.1.7
horde horde_application_framework 3.1.8
horde horde_application_framework 3.1.9
horde horde_application_framework 3.2
horde horde_application_framework 3.2
horde horde_application_framework 3.2
horde horde_application_framework 3.2
horde horde_application_framework 3.2
horde horde_application_framework 3.2
horde horde_application_framework 3.2.1
horde horde_application_framework 3.2.2
horde horde_application_framework 3.2.3
horde horde_application_framework 3.2.4
horde horde_application_framework 3.2.5
horde horde_application_framework 3.3
horde horde_application_framework 3.3
horde horde_application_framework 3.3.1
horde horde_application_framework 3.3.2
horde horde_application_framework 3.3.3
horde horde_application_framework 3.3.4
horde horde_application_framework 3.3.4
horde horde_application_framework 3.3.5
horde horde_application_framework 3.3.6
horde horde_application_framework 3.3.7


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6D53EAD-F1D9-40A9-87BA-DCB0AF5123E2",
              "versionEndIncluding": "3.3.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895A4FC-4755-4125-822D-6D5A81C8EBC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8DA68CF-D7EB-48CF-9D2D-43E26A4F0BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04288C25-9111-44E1-9099-7ED65639A395",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "793768BD-03C9-428A-B8AC-E03FEA65D32A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50AD460-4240-4A75-8944-21F0D5BA711C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB2DBC9-0934-4BA2-A6E0-CF1BCB1E0E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "362CDCE7-16DA-4951-81ED-5B858126E37A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D622651E-ECBC-4A88-8AD2-8EB9AA27F348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C64FB724-0978-48E1-94AA-2ED5281C1C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "2188602F-74FC-4252-9D0C-4B6D68ECA850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E8FF53EE-1D8E-450C-92A2-204EA2B7C410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "13ECD794-7621-413B-AC67-FD0072C3F2EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9535A094-9B6F-4E17-8097-D7A6D8936F8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F473B48-F48A-4B6B-8D69-1F97BB6AA923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E1A7DB-906F-4973-BF1C-EFFA0B595A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD67E143-A9C0-458A-87C5-E6B3C9AC628D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA9E6EB8-B5E5-41DF-B5E2-0A97448D16A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "36BEAB4E-04DA-4EDD-990C-697EA0984291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "142B9B05-955E-4688-AF6E-ED7B4FE41846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "295D48BB-F143-4047-B366-74101AB983CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F8359595-A986-4B7D-9AD6-0F03C037B9CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "58431B48-EA29-4A6F-B9FF-C416924E63B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "61064C18-0E45-4790-B323-262287D8DE34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCFF25C4-03F2-4D65-ABA9-2406957D546E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A7CA2D-A52C-4683-ABD3-B63763B2290E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "E72F0C02-DEF7-4617-AD5D-CB808DEE1CC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "F1B318B6-6774-4F9D-8BFC-38B259646922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "48540E28-E523-4556-BB13-3F3B9F76E043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "7761A879-F736-4D45-AA98-6556946A0CD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "17093F61-EDE4-44C0-9A75-5E2C94B86D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA0A882D-9BEB-4A3C-9371-69260374E0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17E3AFB-849F-463D-96E8-686B049F48DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "047563A7-5F6A-4DE2-8518-88E4E6EEB7D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B5DAAF73-EC16-4E7E-AAFA-A23F36312884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "78356C5F-A76E-4CB1-894D-0D882A665096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E2842743-831D-455C-A319-68A7D604834F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "2DF05F67-D172-4569-8839-838B2F84D937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0405EC4-12DA-4F15-A5B0-799D399C759E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "C4C51DE3-C6D8-4A49-9DD2-E45A734A8C2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "79D21AFE-DA3C-43D4-B253-B5F2682C00C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1C1DE26-E7B2-4A4E-9F6D-4206F7BC5EBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E5ADB7BC-7326-4A66-82FE-5B5AB9BAD344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ED629B0-A214-47B5-9767-B47AFB154AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C07F450D-6DF4-48F2-8776-E791BCBD469A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5B2E87-5A29-4EF8-8BCC-1E5AE28BE6EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C55F4BF3-EFA5-4E58-A32C-7DF7F00B74CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7795DE95-4DCE-483D-817A-62250802AEF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1076ED89-666B-4E1A-B90C-1E9C23C70E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "005FB9D3-71C7-4C4B-8D1A-1046A21ABE64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8C2CD4E9-D06D-44FB-9773-29640E456DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "FD9A8696-C91C-467B-A43B-5F2AEFB49A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2C316222-9E28-4D53-A3FE-A47337782260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17003C82-B711-496C-A2D4-0CC5FB2DCAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B11F13D-5FEC-4090-804A-28D1B2938112",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E3FE20-264A-4496-8FB3-E59A3A38BAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F86A1C7-D369-40A7-BFF3-03AC4F3977F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D49B7214-8BC7-4495-A3C1-4702E5F98DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45517DB-2F8C-41BB-9453-7B50F2227286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "852EA094-4661-43EA-B715-0524ABA33274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1885E75E-4A0C-4393-A900-E611EEA461BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0202CB6-459E-4867-A220-A248A7D419C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "666F75EF-0B30-476B-B4D3-3465AC85C81E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88BE4BD4-174C-4EC5-BCE7-CA63D1369043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "FB00DEDC-BFCE-4238-BD34-594F075DD11C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F54438D0-C3BB-47BD-BD66-1AEDE08387F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "CB30C91F-B3F8-45B8-9F79-7EB643A1FAB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "8B9EC024-FA54-457A-9CAE-E9C5AB990DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "E94D8DDD-CE4B-4F7D-8699-6D8D979BB354",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D32C974-121E-4FAB-8E39-2933C912935F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60A02DC9-3602-43B2-8574-15A6D4528142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "61F847C8-7775-4FC0-BBE1-C56DFC3D9A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1ECC0C8-DE09-4079-8476-B0C82ABE980A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0465D03-EE78-4D1D-B6F3-0AB6636D8589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADA6AAC-7511-47F6-B805-A5C48BA4CD11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "DBA57981-630B-40A7-A6B3-9443A926BC31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3CB720-A1C0-4E49-BA2C-02283499F252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE83C51-175E-4FB9-BA2B-505A8B559D44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "172260F8-D4E5-470D-84EA-00B88B090A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "51487521-E1DB-4CD0-9071-C9449EFB681E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "880EFFF2-54E1-47B3-A87B-9D7F41505B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA44794C-3D45-4BC8-AEDB-8D98C5BF6214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C047C7A-2338-49D9-8B25-78A25B45788A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "283653B3-00DD-4F9D-AD0E-625564FDE72C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en util/icon_browser.php en el Horde Application Framework anterior a v3.3.9 que permite a atacantes remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"subdir\"."
    }
  ],
  "id": "CVE-2010-3077",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-11-09T21:00:04.117",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git\u0026r1=a978a35c3e95e784253508fd4333d2fbb64830b6\u0026r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.horde.org/archives/announce/2010/000557.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://seclists.org/fulldisclosure/2010/Sep/82"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42140"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git\u0026r1=a978a35c3e95e784253508fd4333d2fbb64830b6\u0026r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.horde.org/archives/announce/2010/000557.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://seclists.org/fulldisclosure/2010/Sep/82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.