Detections
Analytics

FreeBSD : horde -- XSS vulnerability in help window (ed1d404d-2784-11d9-b954-000bdb1444a4)

high Nessus Plugin ID 36450

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A Horde Team announcement states that a potential cross-site scripting vulnerability in the help window has been corrected. The vulnerability appears to involve the handling of the topic and module parameters of the help window template.

Solution

Update the affected packages.

See Also

https://marc.info/?l=horde-announce&m=109879164718625

http://www.nessus.org/u?f7064f8f

Plugin Details

Severity: High

ID: 36450

File Name: freebsd_pkg_ed1d404d278411d9b954000bdb1444a4.nasl

Version: 1.14

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:horde-devel, p-cpe:/a:freebsd:freebsd:horde, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/27/2004

Vulnerability Publication Date: 10/6/2004