PublicDate: 2007-03-16 21:19:00 UTC
Candidate: CVE-2007-1473
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1473
Description:
 Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde
 Framework before 3.1.4 RC1, when the login page contains a language
 selection box, allows remote attackers to inject arbitrary web script or
 HTML via the new_lang parameter to login.php.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_horde3: ignored (reached end-of-life)
edgy_horde3: needed (reached end-of-life)
feisty_horde3: needed (reached end-of-life)
gutsy_horde3: released (3.1.4-1)
hardy_horde3: released (3.1.4-1)
intrepid_horde3: released (3.1.4-1)
jaunty_horde3: released (3.1.4-1)
karmic_horde3: released (3.1.4-1)
devel_horde3: released (3.1.4-1)
upstream_horde3: needs-triage