Enrico Milanese has reported a vulnerability in eGroupWare, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "cat_data[color]" parameter in preferences/inc/class.uicategories.inc.php and admin/inc/class.uicategories.inc.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in version 1.4.001. Other versions may also be affected.

Solution: Fixed in the SVN repository.

Provided and/or discovered by: Enrico Milanese

Original Advisory: http://www.egroupware.org/viewvc?view=rev&revision=24443
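An added illustration of the mitigation class the advisory implies (strict validation of the category colour before it is reflected, plus output encoding at the sink); this is example code written for this thread, not eGroupWare's own fix, and the function names, the default colour and the style-attribute context are assumptions.

```php
<?php
// Added example (not eGroupWare code): treat a user-supplied category colour
// such as cat_data[color] as untrusted. Only a strict CSS hex value is
// accepted; anything else falls back to a safe default, so markup or script
// fragments never reach the page.
function safe_category_color(?string $raw, string $default = '#ffffff'): string
{
    if ($raw === null) {
        return $default;
    }
    $raw = trim($raw);
    // Allowlist: exactly "#" followed by 3 or 6 hex digits.
    if (preg_match('/^#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})$/', $raw) !== 1) {
        return $default;
    }
    return strtolower($raw);
}

// Output encoding is still applied at the sink even after validation, so the
// attribute context cannot be broken out of if the allowlist is ever relaxed.
function color_style_attribute(?string $raw): string
{
    $color = safe_category_color($raw);
    return 'style="background-color: '
        . htmlspecialchars($color, ENT_QUOTES | ENT_HTML5, 'UTF-8')
        . '"';
}

// Constructed sample inputs: one benign value, one that tries to close the
// attribute and inject markup, one that is simply not a hex colour.
$samples = [
    '#00AAff',
    '"><b>injected</b>',   // constructed hostile value; replaced by the default
    'red',                 // rejected: not in the hex allowlist
];
foreach ($samples as $s) {
    echo color_style_attribute($s), "\n";
}
```

Because the value is reduced to a known-good shape before it is echoed, the hostile sample is never reflected, which is the property the advisory says the affected versions lacked.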
web-apps please advise.
This is CVE-2007-5091.
Version 1.4.002 is in the tree and should be marked stable on the following arches: alpha amd64 hppa ppc x86
(In reply to comment #3)
> Version 1.4.002 is in the tree and should be marked stable on the following
> arches:
>
> alpha amd64 hppa ppc x86
>
Thanks gunnar.
oops, seems some arches weren't added.
Er, so that's =www-apps/egroupware-1.4.002 then.
Stable for HPPA.
x86 stable
ppc stable
alpha stable
www-apps/egroupware-1.4.002 USE="gd mysql vhosts -jpgraph -ldap -postgres"
- Emerges on AMD64.
- I didn't have resources to test all the functionality, although the setup wizard ran well.
amd64 stable, thanks mixnix
time for glsa decision. I vote NO.
Removed insecure version. webapps done here.
XSS, I vote no.
closing without glsa.