CVE-2012-6620

N/A Unknown
Published: January 16, 2014 Modified: April 29, 2026
View on NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks and (2) search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.horde.org/ticket/11189
Source: cve@mitre.org
http://lists.horde.org/archives/announce/2012/000766.html
Source: cve@mitre.org
http://secunia.com/advisories/49147
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/53731
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/75563
Source: cve@mitre.org
https://github.com/horde/horde/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Source: cve@mitre.org
Exploit Patch
http://bugs.horde.org/ticket/11189
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.horde.org/archives/announce/2012/000766.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49147
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/53731
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/75563
Source: af854a3a-2127-422b-91ae-364da2661108
https://github.com/horde/horde/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.4%
61th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

horde

Related CVEs

CVE-2026-41971 5.5
CVE-2026-41970 6.8
CVE-2026-41969 6.2
CVE-2026-41968 5.9
CVE-2026-41967 5.9