Back to CVE Browser

CVE-2019-12095

HIGH

8.8

CVSS Severity Score

EPSS Score0.1500%

EPSS Percentile30.34th

PublishedOct 24, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.

Affected Platforms (CPE)

📦

Horde

Groupware

<= 5.2.22

References & Advisories

🔗 https://bugs.horde.org/ticket/14926

🔗 https://cxsecurity.com/issue/WLB-2019050199

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/161333

🔗 https://lists.debian.org/debian-lts-announce/2019/12/msg00015.html

🔗 https://numanozdemir.com/respdisc/horde/horde.mp4

🔗 https://numanozdemir.com/respdisc/horde/horde.txt

🔗 https://packetstormsecurity.com/files/152975/Horde-Webmail-5.2.22-XSS-CSRF-SQL-Injection-Code-Execution.html

🔗 https://www.exploit-db.com/exploits/46903

Related Vulnerabilities

CVE-2008-721810.0

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 ...

CVE-2008-721910.0

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2....

CVE-2005-364010.0

Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute a...

CVE-2019-199079.8

HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by...