[announce] [SECURITY] Horde 5.2.23(final)

Michael J Rubinsky mrubinsk at horde.org
Sun Jun 14 21:02:30 UTC 2020

The Horde Team is pleased to announce the final release of the Horde
Application Framework version 5.2.23.

The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites.  
For more
information on Horde or the Horde Groupware suites, visit  

For upgrading instructions, please see

For detailed installation and configuration instructions, please see

Thanks to Sulistyo Hidayat for reporting the vulnerability.

The major changes compared to the Horde version 5.2.22 are:
    * Fixed javascript injection vulnerability on the mobile login page.
    * Small bug fixes and improvements.

The full list of changes can be viewed here:


Have fun!

The Horde Team.

The Horde Project
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 9272 bytes
Desc: PGP Public Key
URL: <https://lists.horde.org/archives/announce/attachments/20200614/f75a0e81/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: PGP Digital Signature
URL: <https://lists.horde.org/archives/announce/attachments/20200614/f75a0e81/attachment.sig>

More information about the announce mailing list