FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

horde -- XSS vulnerabilities

Affected packages
horde < 5.2.9
pear-Horde_Core < 2.22.6

Details

VuXML ID 3aa8b781-d2c4-11e5-b2bd-002590263bf5
Discovery 2016-02-02
Entry 2016-02-14

The Horde Team reports:

Fixed XSS vulnerabilities in menu bar and form renderer.

References

CVE Name CVE-2015-8807
CVE Name CVE-2016-2228
URL http://lists.horde.org/archives/announce/2016/001149.html
URL http://www.openwall.com/lists/oss-security/2016/02/06/4
URL https://bugs.horde.org/ticket/14213
URL https://github.com/horde/horde/commit/11d74fa5a22fe626c5e5a010b703cd46a136f253
URL https://github.com/horde/horde/commit/ab07a1b447de34e13983b4d7ceb18b58c3a358d8
URL https://github.com/horde/horde/commit/f03301cf6edcca57121a15e80014c4d0f29d99a0