CVE-2006-4256
Publication date 21 August 2006
Last updated 24 July 2024
Ubuntu priority
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka “cross-site referencing.” NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
Status
Package | Ubuntu Release | Status |
---|---|---|
horde3 | 9.10 karmic |
Fixed 3.1.3-1
|
9.04 jaunty |
Fixed 3.1.3-1
|
|
8.10 intrepid |
Fixed 3.1.3-1
|
|
8.04 LTS hardy |
Fixed 3.1.3-1
|
|
7.10 gutsy |
Fixed 3.1.3-1
|
|
7.04 feisty |
Fixed 3.1.3-1
|
|
6.10 edgy |
Fixed 3.1.3-1
|
|
6.06 LTS dapper | Ignored end of life |