oss-security September 2010 archive

[oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php

From: Alex Legler <a3li_at_nospam>
Date: Wed Sep 29 2010 - 19:20:10 GMT
To: oss-security <oss-security@lists.openwall.com>

Hi,

while there seem to be CVE IDs for most of the issues fixed in the
latest Horde packages, I cannot find one for this issue:

From http://bugs.horde.org/ticket/9191:
"http://localhost/horde/gollem/view.php?actionID=view_file&type=txt&file=<script>alert("XSS")</script>&dir=../baddir/&driver=file
Vulnerable file : view.php (Line 32 - 46)"

Fixed in git (and released in 1.1.2):
http://lists.horde.org/archives/commits/2010-August/004747.html
http://lists.horde.org/archives/announce/2010/000565.html

Thanks,
Alex
-- 
Alex Legler <a3li@gentoo.org>
Gentoo Security/Ruby
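As an added example (not part of this message, and not Horde's own code), the following log check flags requests to gollem/view.php whose `file`, `dir`, `type` or `driver` parameters carry HTML or script markup, using the request pattern quoted from the ticket as a constructed sample. The combined log format, the parameter list and the sample lines are assumptions.

```python
"""Flag requests to Gollem's view.php whose query parameters carry markup.
Added example for the reflected XSS described above; the log format,
watched parameters and sample lines are assumptions, not Horde code."""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Apache/nginx combined format: ip - - [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Parameters the ticket's request passes to view.php; 'file' is the reflected one.
WATCHED_PARAMS = ("file", "dir", "type", "driver")
# A file name or directory never legitimately contains a tag, an event handler
# attribute or a javascript: URL.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)

def suspicious_params(target):
    """Return {param: decoded value} for watched parameters of a gollem/view.php
    request that contain markup; {} if clean or not a view.php request."""
    parts = urlsplit(target)
    if not parts.path.endswith("/gollem/view.php"):
        return {}
    hits = {}
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name not in WATCHED_PARAMS:
            continue
        for v in values:
            # parse_qs decoded once; a second pass catches double-encoded payloads
            decoded = unquote(v)
            if MARKUP_RE.search(decoded):
                hits[name] = decoded
    return hits

def scan_log(lines):
    """Yield (ip, status, hits) for every log line carrying markup in view.php params."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        hits = suspicious_params(m.group("target"))
        if hits:
            yield m.group("ip"), int(m.group("status")), hits

# Constructed sample: one benign request, one carrying the ticket's payload URL-encoded.
SAMPLE_LOG = [
    '198.51.100.7 - - [29/Sep/2010:19:20:10 +0000] "GET /horde/gollem/view.php?actionID=view_file&type=txt&file=notes.txt&dir=/home/u/&driver=file HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [29/Sep/2010:19:21:03 +0000] "GET /horde/gollem/view.php?actionID=view_file&type=txt&file=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E&dir=../baddir/&driver=file HTTP/1.1" 200 731 "-" "curl/7.21"',
]

if __name__ == "__main__":
    for ip, status, hits in scan_log(SAMPLE_LOG):
        print(f"{ip} status={status} params={hits}")
```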