PublicDate: 2008-04-27 19:05:00 UTC
Candidate: CVE-2008-1974
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1974
Description:
 Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kronolith
 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 allows remote
 attackers to inject arbitrary web script or HTML via the url parameter.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/bugs/227291
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS: 

Patches_kronolith2:
upstream_kronolith2: released (2.1.8)
dapper_kronolith2: ignored (reached end-of-life)
feisty_kronolith2: needs-triage (reached end-of-life)
gutsy_kronolith2: needs-triage (reached end-of-life)
hardy_kronolith2: ignored (reached end-of-life)
intrepid_kronolith2: not-affected (2.1.8-1)
jaunty_kronolith2: not-affected (2.1.8-1)
karmic_kronolith2: not-affected (2.1.8-1)
lucid_kronolith2: not-affected (2.1.8-1)
maverick_kronolith2: not-affected (2.1.8-1)
natty_kronolith2: not-affected (2.1.8-1)
oneiric_kronolith2: not-affected (2.1.8-1)
devel_kronolith2: not-affected (2.1.8-1)