Candidate: CVE-2012-5566
PublicDate: 2014-04-05 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5566
 http://www.openwall.com/lists/oss-security/2012/11/23
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith
 Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail
 Edition before 4.0.8, allow remote attackers to inject arbitrary web script
 or HTML via the (1) tasks view or (2) search view.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_kronolith2:
 upstream: http://git.horde.org/horde-git/-/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
upstream_kronolith2: not-affected (introduced in 3.0.x)
hardy_kronolith2: not-affected (2.1.5-1)
lucid_kronolith2: not-affected (2.3.3+debian0-1)
oneiric_kronolith2: not-affected (2.3.4+debian0-1)
precise_kronolith2: not-affected (2.3.4+debian0-1)
quantal_kronolith2: DNE
devel_kronolith2: DNE