Groupware CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Horde Subscriptions

Filtered by product Groupware Subscriptions

Search

Switch to Advanced Search (Beta)

Total 45 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-16906	1 Horde	1 Groupware	2024-11-21	N/A
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.
CVE-2017-15235	1 Horde	1 Groupware	2024-11-21	N/A
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
CVE-2013-6365	3 Debian, Horde, Opensuse	3 Debian Linux, Groupware, Opensuse	2024-11-21	5.3 Medium
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
CVE-2013-6364	2 Debian, Horde	2 Debian Linux, Groupware	2024-11-21	8.8 High
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book
CVE-2013-6275	2 Debian, Horde	2 Debian Linux, Groupware	2024-11-21	6.5 Medium
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.

« first previous Page 3 of 3.