CVE-2017-16907
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-16907
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16907.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-16907
- Downstream
- Published
- 2017-11-20T20:29:00.387Z
- Modified
- 2025-12-09T16:47:26.155314Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
- References
Affected packages
Git / github.com/horde/base
Affected ranges
- Type
- GIT
- Repo
- https://github.com/horde/base
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v4.*
v4.0.0
v4.0.0beta1
v4.0.0rc1
v4.0.0rc2
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v5.*
v5.0.0
v5.0.0alpha1
v5.0.0beta1
v5.0.0beta2
v5.0.0beta3
v5.0.0beta4
v5.0.0beta5
v5.0.0beta6
v5.0.0rc1
v5.0.1
v5.0.2
v5.0.3
v5.0.4
v5.1.0
v5.1.0beta1
v5.1.0beta2
v5.1.0beta3
v5.1.0rc1
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.5
v5.2.0
v5.2.0alpha1
v5.2.0beta1
v5.2.0beta2
v5.2.0rc1
v5.2.0rc2
v5.2.1
v5.2.10
v5.2.11
v5.2.12
v5.2.13
v5.2.14
v5.2.15
v5.2.16
v5.2.17
v5.2.18
v5.2.19
v5.2.2
v5.2.3
v5.2.4
v5.2.5
v5.2.6
v5.2.7
v5.2.8
v5.2.9