4.3

CVE-2006-4256

index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HordeApplication Framework Version3.0
HordeApplication Framework Version3.0.1
HordeApplication Framework Version3.0.2
HordeApplication Framework Version3.0.3
HordeApplication Framework Version3.0.4
HordeApplication Framework Version3.0.4_rc1
HordeApplication Framework Version3.0.4_rc2
HordeApplication Framework Version3.0.6
HordeApplication Framework Version3.0.7
HordeApplication Framework Version3.0.8
HordeApplication Framework Version3.0.9
HordeApplication Framework Version3.1
HordeApplication Framework Version3.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.03% 0.765
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N