GHSA-qfg7-wc25-r3j2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-qfg7-wc25-r3j2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qfg7-wc25-r3j2/GHSA-qfg7-wc25-r3j2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-qfg7-wc25-r3j2
- Aliases
- Published
- 2022-05-17T00:35:08Z
- Modified
- 2024-04-25T21:12:01.268992Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- eGroupware Community Edition Stored XSS vulnerability
- Details
-
Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled during rendering by the application administrator.
- Database specific
{ "severity": "MODERATE", "nvd_published_at": "2017-09-30T01:29:00Z", "github_reviewed": true, "cwe_ids": [ "CWE-79" ], "github_reviewed_at": "2024-04-25T20:58:43Z" }- References
Affected packages
Packagist / egroupware/egroupware
Package
- Name
- egroupware/egroupware
- Purl
- pkg:composer/egroupware/egroupware
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed16.1.20170922
Affected versions
14.*
14.2.20150121
14.2.20150206
14.2.20150210
14.2.20150212
14.2.20150218
14.2.20150310
14.2.20150402
14.2.20150421
14.2.20150428
14.2.20150429
14.2.20150501
14.2.20150603
14.2.20150707
14.2.20150717
14.3.20150728
14.3.20150729
14.3.20150811
14.3.20150821
14.3.20150826
14.3.20150908
14.3.20151012
14.3.20151027
14.3.20151028
14.3.20151029
14.3.20151030
14.3.20151110
14.3.20151130
14.3.20151201
14.3.20160112
14.3.20160113
14.3.20160304
14.3.20160428
14.3.20160512
14.3.20160522
14.3.20160524
14.3.20160525
14.3.20160708
16.*
16.1.20160603
16.1.20160621
16.1.20160627
16.1.20160630
16.1.20160708
16.1.20160715
16.1.20160801
16.1.20160810
16.1.20160905
16.1.20161006
16.1.20161102
16.1.20161107
16.1.20161208
16.1.20170118
16.1.20170203
16.1.20170315
16.1.20170415
16.1.20170612
16.1.20170613
16.1.20170703