Summary
The target is running at least one instance of Horde version 3.0, which suffers from two cross site scripting vulnerabilities. Through specially crafted GET requests to the remote host, an attacker can cause a third party user to unknowingly run arbitrary Javascript code. For more information, see :
http://www.hyperdose.com/advisories/H2005-01.txt
Solution
Upgrade to Horde version 3.0.1 or later.
Severity
Classification
-
CVE CVE-2005-0378 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities