FreeBSD : horde -- XSS vulnerability in help window (ed1d404d-2784-11d9-b954-000bdb1444a4)

High Nessus Plugin ID 36450


The remote FreeBSD host is missing one or more security-related updates.


A Horde Team announcement states that a potential cross-site scripting vulnerability in the help window has been corrected. The vulnerability appears to involve the handling of the topic and module parameters of the help window template.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 36450

File Name: freebsd_pkg_ed1d404d278411d9b954000bdb1444a4.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2009/04/23

Modified: 2014/08/13

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:horde, p-cpe:/a:freebsd:freebsd:horde-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2004/10/27

Vulnerability Publication Date: 2004/10/06