Showing 1 - 2 of 2

CVE-2021-26929

Status Candidate

Overview

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.

Related Files

Horde Groupware Webmail 5.2.22 Cross Site Scripting: Posted Apr 15, 2021; Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg; Horde Groupware Webmail version 5.2.22 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2021-26929; SHA-256 | ac0067ca0ac896cea878797665b7d40d5e0749684dd8782ac6396bcae1757783; Download | Favorite | View

Webmail Edition 5.2.22 XSS / Remote Code Execution: Posted Apr 14, 2021; Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg; Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.; tags | exploit, remote, vulnerability, code execution, xss; advisories | CVE-2021-26929; SHA-256 | 61274f1f45025235aa4f5b093517018fc749ec8ab469618084fac2fa0a8d6fe9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 16 files
Apple 9 files
Gentoo 5 files
Alter Prime 3 files
Google Security Research 3 files
Pierre Kim 2 files
EQSTLab 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2021-26929

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems