Candidate: CVE-2012-5567
PublicDate: 2014-04-05 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5567
 http://www.openwall.com/lists/oss-security/2012/11/23
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith
 Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail
 Edition before 4.0.9, allow remote attackers to inject arbitrary web script
 or HTML via crafted event location parameters in the (1) month, (2)
 monthlist, or (3) prevmonthlist fields, related to portal blocks.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_kronolith2:
 upstream: http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e
upstream_kronolith2: released (3.0.18)
hardy_kronolith2: ignored (reached end-of-life)
lucid_kronolith2: ignored (reached end-of-life)
oneiric_kronolith2: ignored (reached end-of-life)
precise_kronolith2: ignored (reached end-of-life)
precise/esm_kronolith2: DNE (precise was needed)
quantal_kronolith2: DNE
raring_kronolith2: DNE
saucy_kronolith2: DNE
trusty_kronolith2: DNE
trusty/esm_kronolith2: DNE
utopic_kronolith2: DNE
vivid_kronolith2: DNE
vivid/stable-phone-overlay_kronolith2: DNE
vivid/ubuntu-core_kronolith2: DNE
wily_kronolith2: DNE
xenial_kronolith2: DNE
yakkety_kronolith2: DNE
zesty_kronolith2: DNE
devel_kronolith2: DNE