1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-28 05:29:48 +00:00

Report an XSS vulnerability in ftp/horde-gollem.

This commit is contained in:
Thierry Thomas 2010-09-28 18:04:45 +00:00
parent 44be814e6e
commit d5e2ba1fbc
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=262047

View File

@ -34,29 +34,30 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="6caaa507-cb26-11df-9c1b-0011098ad87f">
<topic>horde-dimp -- XSS vulnerability</topic>
<vuln vid="e08c596e-cb28-11df-9c1b-0011098ad87f">
<topic>horde-gollem -- XSS vulnerability</topic>
<affects>
<package>
<name>horde-dimp</name>
<range><lt>1.1.5</lt></range>
<name>horde-gollem</name>
<range><lt>1.1.2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The Horde team reports:</p>
<blockquote cite="http://article.gmane.org/gmane.comp.horde.announce/519">
<p>The major changes compared to DIMP version H3 (1.1.4) are:</p>
<p>* Fixed an XSS vulnerability when showing mailbox names.</p>
<blockquote cite="http://article.gmane.org/gmane.comp.horde.announce/523">
<p>The major changes compared to Gollem version H3 (1.1.1) are:</p>
<p>* Fixed an XSS vulnerability in the file viewer.</p>
</blockquote>
</body>
</description>
<references>
<url>http://article.gmane.org/gmane.comp.horde.announce/519</url>
<url>http://git.horde.org/diff.php/dimp/docs/CHANGES?rt=horde&amp;r1=1.69.2.82&amp;r2=1.69.2.87&amp;ty=h</url>
<url>http://article.gmane.org/gmane.comp.horde.announce/523</url>
<url>http://git.horde.org/diff.php/gollem/docs/CHANGES?rt=horde&amp;r1=1.114.2.55&amp;r2=1.114.2.59&amp;ty=h</url>
<url>http://bugs.horde.org/ticket/9191</url>
</references>
<dates>
<discovery>2010-09.28</discovery>
<discovery>2010-08-21</discovery>
<entry>2010-09-28</entry>
</dates>
</vuln>
@ -85,7 +86,7 @@ Note: Please add new entries to the beginning of this file.
<url>http://git.horde.org/diff.php/imp/docs/CHANGES?rt=horde&amp;r1=1.699.2.424&amp;r2=1.699.2.430&amp;ty=h</url>
</references>
<dates>
<discovery>2010-09.28</discovery>
<discovery>2010-09-28</discovery>
<entry>2010-09-28</entry>
</dates>
</vuln>