Bug#444351: CVE-2007-5091 multiple coss-site-scripting vulnerabilities

Nico Golde Thu, 27 Sep 2007 15:50:44 -0700

Package: egroupware
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for egroupware.


CVE-2007-5091[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare
| 1.4.001 allow remote attackers to inject arbitrary web script or HTML
| via the cat_data[color] parameter to (1)
| preferences/inc/class.uicategories.inc.php and (2)
| admin/inc/class.uicategories.inc.php.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5091

Kind regards
Nico

-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

pgpMGdvLn75P2.pgp
Description: PGP signature

Bug#444351: CVE-2007-5091 multiple coss-site-scripting vulnerabilities

Reply via email to