CVE-2006-4256
Publication date 21 August 2006
Last updated 17 July 2025
Ubuntu priority
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka “cross-site referencing.” NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
Status
Package | Ubuntu Release | Status |
---|---|---|
horde3 | 9.10 karmic |
Fixed 3.1.3-1
|
9.04 jaunty |
Fixed 3.1.3-1
|
|
8.10 intrepid |
Fixed 3.1.3-1
|
|
8.04 LTS hardy |
Fixed 3.1.3-1
|
|
7.10 gutsy |
Fixed 3.1.3-1
|
|
7.04 feisty |
Fixed 3.1.3-1
|
|
6.10 edgy |
Fixed 3.1.3-1
|
|
6.06 LTS dapper | Ignored end of life |