{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-09-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-07-12T09:00:00.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"}, {"name": "20100906 XSS in Horde Application Framework <=3.3.8, icon_browser.php", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2010/Sep/82"}, {"name": "FEDORA-2010-16592", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"}, {"name": "FEDORA-2010-16555", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"}, {"name": "42140", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42140"}, {"name": "[announce] 20100928 Horde 3.3.9 (final)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.horde.org/archives/announce/2010/000557.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:55:46.720Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"}, {"name": "20100906 XSS in Horde Application Framework <=3.3.8, icon_browser.php", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2010/Sep/82"}, {"name": "FEDORA-2010-16592", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"}, {"name": "FEDORA-2010-16555", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"}, {"name": "42140", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42140"}, {"name": "[announce] 20100928 Horde 3.3.9 (final)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.horde.org/archives/announce/2010/000557.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3077", "datePublished": "2010-11-09T20:00:00.000Z", "dateReserved": "2010-08-20T00:00:00.000Z", "dateUpdated": "2024-08-07T02:55:46.720Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"affected": [{"affectedData": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "source": "secalert@redhat.com"}], "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:horde:horde_application_framework:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6D53EAD-F1D9-40A9-87BA-DCB0AF5123E2", "versionEndIncluding": "3.3.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0895A4FC-4755-4125-822D-6D5A81C8EBC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8DA68CF-D7EB-48CF-9D2D-43E26A4F0BCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "04288C25-9111-44E1-9099-7ED65639A395", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "793768BD-03C9-428A-B8AC-E03FEA65D32A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "B50AD460-4240-4A75-8944-21F0D5BA711C", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "5EB2DBC9-0934-4BA2-A6E0-CF1BCB1E0E8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "362CDCE7-16DA-4951-81ED-5B858126E37A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "D622651E-ECBC-4A88-8AD2-8EB9AA27F348", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C64FB724-0978-48E1-94AA-2ED5281C1C2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "2188602F-74FC-4252-9D0C-4B6D68ECA850", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "E8FF53EE-1D8E-450C-92A2-204EA2B7C410", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "13ECD794-7621-413B-AC67-FD0072C3F2EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9535A094-9B6F-4E17-8097-D7A6D8936F8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7F473B48-F48A-4B6B-8D69-1F97BB6AA923", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C8E1A7DB-906F-4973-BF1C-EFFA0B595A42", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD67E143-A9C0-458A-87C5-E6B3C9AC628D", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "DA9E6EB8-B5E5-41DF-B5E2-0A97448D16A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "36BEAB4E-04DA-4EDD-990C-697EA0984291", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "142B9B05-955E-4688-AF6E-ED7B4FE41846", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "295D48BB-F143-4047-B366-74101AB983CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "F8359595-A986-4B7D-9AD6-0F03C037B9CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "58431B48-EA29-4A6F-B9FF-C416924E63B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "61064C18-0E45-4790-B323-262287D8DE34", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "CCFF25C4-03F2-4D65-ABA9-2406957D546E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D1A7CA2D-A52C-4683-ABD3-B63763B2290E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "E72F0C02-DEF7-4617-AD5D-CB808DEE1CC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:beta:*:*:*:*:*:*", "matchCriteriaId": "F1B318B6-6774-4F9D-8BFC-38B259646922", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "48540E28-E523-4556-BB13-3F3B9F76E043", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "7761A879-F736-4D45-AA98-6556946A0CD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "17093F61-EDE4-44C0-9A75-5E2C94B86D49", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A882D-9BEB-4A3C-9371-69260374E0B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A17E3AFB-849F-463D-96E8-686B049F48DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "047563A7-5F6A-4DE2-8518-88E4E6EEB7D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "B5DAAF73-EC16-4E7E-AAFA-A23F36312884", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "78356C5F-A76E-4CB1-894D-0D882A665096", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "E2842743-831D-455C-A319-68A7D604834F", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "2DF05F67-D172-4569-8839-838B2F84D937", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0405EC4-12DA-4F15-A5B0-799D399C759E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "C4C51DE3-C6D8-4A49-9DD2-E45A734A8C2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc2:*:*:*:*:*:*", "matchCriteriaId": "79D21AFE-DA3C-43D4-B253-B5F2682C00C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A1C1DE26-E7B2-4A4E-9F6D-4206F7BC5EBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "E5ADB7BC-7326-4A66-82FE-5B5AB9BAD344", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6ED629B0-A214-47B5-9767-B47AFB154AFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "C07F450D-6DF4-48F2-8776-E791BCBD469A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "CE5B2E87-5A29-4EF8-8BCC-1E5AE28BE6EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "C55F4BF3-EFA5-4E58-A32C-7DF7F00B74CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "7795DE95-4DCE-483D-817A-62250802AEF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "1076ED89-666B-4E1A-B90C-1E9C23C70E07", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "005FB9D3-71C7-4C4B-8D1A-1046A21ABE64", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "8C2CD4E9-D06D-44FB-9773-29640E456DC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "FD9A8696-C91C-467B-A43B-5F2AEFB49A9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "2C316222-9E28-4D53-A3FE-A47337782260", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "17003C82-B711-496C-A2D4-0CC5FB2DCAC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B11F13D-5FEC-4090-804A-28D1B2938112", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6E3FE20-264A-4496-8FB3-E59A3A38BAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8F86A1C7-D369-40A7-BFF3-03AC4F3977F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D49B7214-8BC7-4495-A3C1-4702E5F98DD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "D45517DB-2F8C-41BB-9453-7B50F2227286", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "852EA094-4661-43EA-B715-0524ABA33274", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "1885E75E-4A0C-4393-A900-E611EEA461BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "D0202CB6-459E-4867-A220-A248A7D419C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "666F75EF-0B30-476B-B4D3-3465AC85C81E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "88BE4BD4-174C-4EC5-BCE7-CA63D1369043", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "FB00DEDC-BFCE-4238-BD34-594F075DD11C", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "F54438D0-C3BB-47BD-BD66-1AEDE08387F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "CB30C91F-B3F8-45B8-9F79-7EB643A1FAB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "8B9EC024-FA54-457A-9CAE-E9C5AB990DCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc4:*:*:*:*:*:*", "matchCriteriaId": "E94D8DDD-CE4B-4F7D-8699-6D8D979BB354", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D32C974-121E-4FAB-8E39-2933C912935F", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "60A02DC9-3602-43B2-8574-15A6D4528142", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "61F847C8-7775-4FC0-BBE1-C56DFC3D9A63", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C1ECC0C8-DE09-4079-8476-B0C82ABE980A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "C0465D03-EE78-4D1D-B6F3-0AB6636D8589", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8ADA6AAC-7511-47F6-B805-A5C48BA4CD11", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "DBA57981-630B-40A7-A6B3-9443A926BC31", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9B3CB720-A1C0-4E49-BA2C-02283499F252", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CE83C51-175E-4FB9-BA2B-505A8B559D44", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "172260F8-D4E5-470D-84EA-00B88B090A8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "51487521-E1DB-4CD0-9071-C9449EFB681E", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "880EFFF2-54E1-47B3-A87B-9D7F41505B5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "EA44794C-3D45-4BC8-AEDB-8D98C5BF6214", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "5C047C7A-2338-49D9-8B25-78A25B45788A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "283653B3-00DD-4F9D-AD0E-625564FDE72C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en util/icon_browser.php en el Horde Application Framework anterior a v3.3.9 que permite a atacantes remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"subdir\"."}], "id": "CVE-2010-3077", "lastModified": "2026-06-16T23:22:04.993", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-11-09T21:00:04.117", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.horde.org/archives/announce/2010/000557.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "http://seclists.org/fulldisclosure/2010/Sep/82"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42140"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.horde.org/archives/announce/2010/000557.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://seclists.org/fulldisclosure/2010/Sep/82"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42140"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}