[announce] [SECURITY] Gollem H5 (3.0.5) (final)

Michael J Rubinsky mrubinsk at horde.org
Thu Aug 6 02:01:20 UTC 2015

The Horde Team is pleased to announce the final release of the Gollem File
Manager version H5 (3.0.5).

Gollem is a web-based file manager, providing the ability to fully manage a
hierarchical file system stored in a variety of backends such as a SQL
database, as part of a real filesystem, or on FTP, Samba or SSH servers. For
more information on Gollem, visit http://www.horde.org/apps/gollem.

For upgrading instructions, please see

For detailed installation and configuration instructions, please see

Thanks to an anonymous researcher working with Beyond Security's SecuriTeam
Secure Disclosure program <http://www.beyondsecurity.com/ssd.html> for
discovering the vulnerability.

The major changes compared to Gollem version H5 (3.0.4) are:
     * SECURITY: Fix XSS vulnerability when viewing directories.

The full list of changes can be viewed here:


Have fun!

The Horde Team.

More information about the announce mailing list