CVE-2008-3650

NameCVE-2008-3650
DescriptionMultiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs495332

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
horde3sourceetch(not affected)
horde3source(unstable)3.2.1+debian0-1low495332
turba2sourceetch(not affected)
turba2source(unstable)2.2.1-1

Notes

[etch] - turba2 <not-affected> (Vulnerable code not present)
[etch] - horde3 <not-affected> (dup of CVE-2008-3330)
this is actually two issues:
- one a dup of CVE-2008-3330 in horde3
- another an issue in turba2
Search for package or bug name: Reporting problems