CVE-2021-26929
Publication date 14 February 2021
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
Status
Package | Ubuntu Release | Status |
---|---|---|
php-horde-text-filter | 24.04 LTS noble | Not in release |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
18.04 LTS bionic |
Vulnerable
|
|
16.04 LTS xenial |
Vulnerable
|
|
14.04 LTS trusty | Not in release |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 6.1 · Medium |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Changed |
Confidentiality | Low |
Integrity impact | Low |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
References
Other references
- https://lists.horde.org/archives/announce/2021/001298.html
- https://github.com/horde/Text_Filter/commit/c26f938854c36b981558a3b1b9b2f81403cff60e (master)
- https://github.com/horde/Text_Filter/commit/a2f67da064d7a91440b7a2448e56a6387ab94c67 (v2.3.7)
- https://www.alexbirnberg.com/horde-xss.html
- https://github.com/horde/webmail/releases
- https://www.horde.org/apps/webmail
- https://www.cve.org/CVERecord?id=CVE-2021-26929