PublicDate: 2005-11-22 21:03:00 UTC
Candidate: CVE-2005-3759
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7
 allow remote attackers to inject arbitrary web script or HTML via the (1)
 gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous
 HTML when extracting and displaying attachments.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_horde3: released (3.1.1-1)
edgy_horde3: released (3.1.1-1)
feisty_horde3: released (3.1.1-1)
devel_horde3: released (3.1.1-1)
upstream_horde3: needs-triage