PublicDate: 2008-09-12 16:56:00 UTC
Candidate: CVE-2008-3824
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3824
Description:
 Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php
 in Horde 3.1.x before 3.1.9 and 3.2.x before 3.2.2 and (2)
 externalinput.php in Popoon r22196 and earlier allows remote attackers to
 inject arbitrary web script or HTML by using / (slash) characters as
 replacements for spaces in an HTML e-mail message.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_horde3:
upstream_horde3: released (3.2.2)
dapper_horde3: ignored (reached end-of-life)
feisty_horde3: needed (reached end-of-life)
gutsy_horde3: needed (reached end-of-life)
hardy_horde3: ignored (reached end-of-life)
intrepid_horde3: needed (reached end-of-life)
jaunty_horde3: not-affected (3.2.2+debian0-1)
karmic_horde3: not-affected (3.2.2+debian0-1)
lucid_horde3: not-affected (3.2.2+debian0-1)
maverick_horde3: not-affected (3.2.2+debian0-1)
natty_horde3: not-affected (3.2.2+debian0-1)
oneiric_horde3: not-affected (3.2.2+debian0-1)
devel_horde3: not-affected (3.2.2+debian0-1)