12 lines
No EOL
771 B
Text
12 lines
No EOL
771 B
Text
source: https://www.securityfocus.com/bid/13212/info
|
|
|
|
eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available.
|
|
|
|
The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL injection attacks.
|
|
|
|
http://egroupware/index.php?menuaction=addressbook.uiaddressbook.edit&ab_id=11[XSS]
|
|
http://egroupware/index.php?menuaction=manual.uimanual.view&page=ManualAddressbook[XSS]
|
|
http://egroupware/index.php?menuaction=forum.uiforum.post&type=new[XSS]
|
|
http://egroupware/wiki/index.php?page=RecentChanges[XSS]
|
|
http://egroupware/wiki/index.php?action=history&page=WikkiTikkiTavi&lang=en[XSS]
|
|
http://egroupware/index.php?menuaction=wiki.uiwiki.edit&page=setup[XSS] |