CVE-2020-8035

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
Configurations

Configuration 1

cpe:2.3:a:horde:groupware:*:*:*:*:webmail:*:*:*

Information

Published : 2020-05-18 03:15

Updated : 2020-06-01 12:15


NVD link : CVE-2020-8035

Mitre link : CVE-2020-8035

Products Affected
No products.
CWE