Vulnerabilities

CVE-2016-6191

by Fred · 17/02/2017

Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL, or (4) Title field.

Date published : 2017-02-17

https://github.com/inverse-inc/sogo/commit/64ce3c9c22fd9a28caabf11e76216cd53d0245aa

https://sogo.nu/bugs/view.php?id=3718

Similar

Tags: Cybersecurity Alert