FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

turba -- Cross site scripting vulnerabilities in several of the address book name and contact data fields

Affected packages
turba < 2.0.5

Details

VuXML ID eeebd55d-6a88-11da-b96e-000fb586ba73
Discovery 2005-12-11
Entry 2005-12-11

Announce of Turba H3 (2.0.5) (final):

This [2.0.5] is a security release that fixes cross site scripting vulnerabilities in several of the address book name and contact data fields. None of the vulnerabilities can be exploited by unauthenticated users; however, we strongly recommend that all users of Turba 2.0.4 upgrade to 2.0.5 as soon as possible.

References

URL http://marc.theaimsgroup.com/?l=horde-announce&m=113433120829232&w=2