CVE-2009-2360 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2360): Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module before 3.1.1 for Horde allows remote attackers to inject arbitrary web script or HTML via the backend parameter.
*** Bug 268110 has been marked as a duplicate of this bug. ***
+*horde-passwd-3.1.1 (24 Aug 2009) + + 24 Aug 2009; Alex Legler <a3li@gentoo.org> +horde-passwd-3.1.1.ebuild: + Non-maintainer commit: Version bump for security bug 277294. +
Arches, please test and mark stable: =www-apps/horde-passwd-3.1.1 Target keywords : "alpha amd64 hppa ppc sparc x86"
amd64 stable
x86 stable
Stable on alpha.
Stable for HPPA.
sparc stable
ppc stable
GLSA with bug 262978.
GLSA 200909-14