Vulnerability Details CVE-2013-6364
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://archives.neohapsis.com/archives/bugtraq/2013-11/0012.html
- http://www.exploit-db.com/exploits/29519
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6364
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6364
- https://security-tracker.debian.org/tracker/CVE-2013-6364
- https://www.securityfocus.com/archive/1/529589
- http://archives.neohapsis.com/archives/bugtraq/2013-11/0012.html
- http://www.exploit-db.com/exploits/29519
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6364
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6364
- https://security-tracker.debian.org/tracker/CVE-2013-6364
- https://www.securityfocus.com/archive/1/529589
Products affected by CVE-2013-6364
-
cpe:2.3:a:horde:groupware:5.1.2
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0