Horde Kronolith Open Redirect Vulnerability Fixed By 4.2.22


Description   (:An open redirect vulnerability has been identified in Horde Kronolith.:A remote attacker could exploit it by enticing their victim into following a specially crafted link in order to redirect them to an arbitrary website.::No further information is available.)
     
Vulnerable Products   Vulnerable Software:
Kronolith (Horde) - 0.0.1, 0.0.2, 0.0.3, 1.1.1, 1.1.1-RC1, ..., 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9
     
Solution   Horde has released version 4.2.22 of Kronolith which fixes this vulnerability.
     
CVE  
     
References   - Horde Kronolith : v4.2.22
https://www.horde.org/apps/kronolith/docs/CHANGES
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Site with open redirect
4.0.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2017-08-01 

 Target Type 
Client 

 Possible exploit 
Remote