CVE-2004-2741

N/A Unknown

Published: December 31, 2004 Modified: April 16, 2026

Description

Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://cvs.horde.org/diff.php/horde/templates/help/index.inc?r1=1.9.2.4&r2=1.9.2.5&ty=u

Source: cve@mitre.org

http://lists.horde.org/archives/announce/2004/000107.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/12992

Source: cve@mitre.org

Patch Vendor Advisory

http://securitytracker.com/id?1011959

Source: cve@mitre.org

http://www.osvdb.org/11164

Source: cve@mitre.org

http://www.securityfocus.com/bid/11546

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/17881

Source: cve@mitre.org

http://cvs.horde.org/diff.php/horde/templates/help/index.inc?r1=1.9.2.4&r2=1.9.2.5&ty=u