[Tickets #6906] The parameter 'object[name]' is not sanitized in the page '/horde/turba/add.php'

bugs at horde.org bugs at horde.org
Thu Jun 12 16:28:55 UTC 2008


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/6906
-----------------------------------------------------------------------
  Ticket             | 6906
  Created By         | nicolas.kerschenbaum at xmcopartners.com
  Summary            | The parameter 'object[name]' is not sanitized in the page
                     | '/horde/turba/add.php'
  Queue              | Turba
  Version            | 2.1.7
  Type               | Bug
  State              | Unconfirmed
  Priority           | 2. Medium
  Milestone          |
  Patch              |
  Owners             |
-----------------------------------------------------------------------


nicolas.kerschenbaum at xmcopartners.com (2008-06-12 12:28) wrote:

Hello,

I found a security hole in Turba H3 2.1.7.
This is a Cross Site Scripting (XSS) vulnerability.
The parameter 'object[name]' is not sanitized in the page '/horde/turba/add.php'.

POC:

<input type="text" name="object[name]" id="object[name]" size="40"  
value="<script>alert('XSS by Nicolas Kerschenbaum');</script>"   
maxlength="255" />



Could you tell me if this vulnerability is corrected in the last version of Turba (2.2)?

Regards

Nicolas Kerschenbaum
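
Added example, not part of the original ticket and not Turba source code: the field markup from the report rendered without and with output encoding, plus a regression check on the rendered attribute. It assumes the page echoes the submitted 'object[name]' value back into the value attribute; the function names are hypothetical.

```php
<?php
// Added illustration, not Turba code. All function names are hypothetical.

// "Before": the submitted value is copied into the attribute unchanged.
function render_name_field_unsafe(string $name): string
{
    return '<input type="text" name="object[name]" id="object[name]" size="40" value="'
        . $name . '" maxlength="255" />';
}

// "After": encode for an HTML attribute context at output time.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
// UTF-8 instead of returning an empty string.
function render_name_field(string $name): string
{
    $encoded = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="object[name]" id="object[name]" size="40" value="'
        . $encoded . '" maxlength="255" />';
}

// Regression check for a template test suite: the value attribute must
// contain no raw markup characters and must decode back to the input.
function value_is_encoded(string $html, string $original): bool
{
    if (!preg_match('/ value="([^"]*)" maxlength="255" \/>$/', $html, $m)) {
        return false; // the value did not stay inside its attribute
    }
    return strpbrk($m[1], "<>'") === false
        && htmlspecialchars_decode($m[1], ENT_QUOTES) === $original;
}

// Sample input: the value shown in the report's POC.
$sample = "<script>alert('XSS by Nicolas Kerschenbaum');</script>";

foreach (['render_name_field_unsafe', 'render_name_field'] as $fn) {
    $html = $fn($sample);
    $verdict = value_is_encoded($html, $sample) ? 'encoded' : 'RAW MARKUP';
    printf("%-26s %s\n  %s\n", $fn, $verdict, $html);
}
```

The check fails for the first renderer because the attribute still holds raw markup characters, and passes for the second, where the browser displays the text in the field instead of parsing it.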




