Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-8034

Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
Products affected by CVE-2020-8034
  • Horde » Gollem » Version: 1.0
    cpe:2.3:a:horde:gollem:1.0
  • Horde » Gollem » Version: 1.0.1
    cpe:2.3:a:horde:gollem:1.0.1
  • Horde » Gollem » Version: 1.0.2
    cpe:2.3:a:horde:gollem:1.0.2
  • Horde » Gollem » Version: 1.0.3
    cpe:2.3:a:horde:gollem:1.0.3
  • Horde » Gollem » Version: 1.0.4
    cpe:2.3:a:horde:gollem:1.0.4
  • Horde » Gollem » Version: 1.1
    cpe:2.3:a:horde:gollem:1.1
  • Horde » Gollem » Version: 1.1.1
    cpe:2.3:a:horde:gollem:1.1.1
  • Horde » Gollem » Version: 1.1.2
    cpe:2.3:a:horde:gollem:1.1.2
  • Horde » Gollem » Version: 2.0.0
    cpe:2.3:a:horde:gollem:2.0.0
  • Horde » Gollem » Version: 2.0.1
    cpe:2.3:a:horde:gollem:2.0.1
  • Horde » Gollem » Version: 2.0.2
    cpe:2.3:a:horde:gollem:2.0.2
  • Horde » Gollem » Version: 3.0.0
    cpe:2.3:a:horde:gollem:3.0.0
  • Horde » Gollem » Version: 3.0.1
    cpe:2.3:a:horde:gollem:3.0.1
  • Horde » Gollem » Version: 3.0.10
    cpe:2.3:a:horde:gollem:3.0.10
  • Horde » Gollem » Version: 3.0.11
    cpe:2.3:a:horde:gollem:3.0.11
  • Horde » Gollem » Version: 3.0.12
    cpe:2.3:a:horde:gollem:3.0.12
  • Horde » Gollem » Version: 3.0.2
    cpe:2.3:a:horde:gollem:3.0.2
  • Horde » Gollem » Version: 3.0.3
    cpe:2.3:a:horde:gollem:3.0.3
  • Horde » Gollem » Version: 3.0.4
    cpe:2.3:a:horde:gollem:3.0.4
  • Horde » Gollem » Version: 3.0.5
    cpe:2.3:a:horde:gollem:3.0.5
  • Horde » Gollem » Version: 3.0.6
    cpe:2.3:a:horde:gollem:3.0.6
  • Horde » Gollem » Version: 3.0.7
    cpe:2.3:a:horde:gollem:3.0.7
  • Horde » Gollem » Version: 3.0.8
    cpe:2.3:a:horde:gollem:3.0.8
  • Horde » Gollem » Version: 3.0.9
    cpe:2.3:a:horde:gollem:3.0.9
  • Horde » Groupware » Version: 5.2.22
    cpe:2.3:a:horde:groupware:5.2.22


Products
Pricing
Contact Us

Shodan ® - All rights reserved