CVE-2006-4256

N/A Unknown
Published: August 21, 2006 Modified: April 16, 2026
View on NVD

Description

index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.horde.org/archives/announce/2006/000292.html
Source: cve@mitre.org
http://secunia.com/advisories/21500
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/27565
Source: cve@mitre.org
http://securityreason.com/securityalert/1422
Source: cve@mitre.org
http://securitytracker.com/id?1016713
Source: cve@mitre.org
http://www.debian.org/security/2007/dsa-1406
Source: cve@mitre.org
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2456
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/443360/100/0/threaded
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2006/3309
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/28411
Source: cve@mitre.org
http://lists.horde.org/archives/announce/2006/000292.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21500
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/27565
Source: af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/1422
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1016713
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2007/dsa-1406
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2456
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/443360/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/3309
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/28411
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.1%
78th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

horde