296,172
Total vulnerabilities in the database
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
| Software | From | Fixed in |
|---|---|---|
| horde / application_framework | 3.0.2 | 3.0.2.x |
| horde / application_framework | 3.0.8 | 3.0.8.x |
| horde / application_framework | 3.0 | 3.0.x |
| horde / application_framework | 3.0.4_rc1 | 3.0.4_rc1.x |
| horde / application_framework | 3.0.7 | 3.0.7.x |
| horde / application_framework | 3.0.4 | 3.0.4.x |
| horde / application_framework | 3.1 | 3.1.x |
| horde / application_framework | 3.0.1 | 3.0.1.x |
| horde / application_framework | 3.0.6 | 3.0.6.x |
| horde / application_framework | 3.0.3 | 3.0.3.x |
| horde / application_framework | 3.0.4_rc2 | 3.0.4_rc2.x |
| horde / application_framework | 3.1.1 | 3.1.1.x |
| horde / application_framework | 3.0.9 | 3.0.9.x |