CVE-2022-26874: [jan] Fix XSS vulnerability in Open Document mime viewer with differe… · horde/Mime_Viewer@02b46ce
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
@@ -98,7 +98,10 @@ protected function _render()
} elseif ($file[‘name’] == ‘content.xml’) {
return array(
$this->_mimepart->getMimeId() => array(
‘data’ => str_replace(array_keys($tags), array_values($tags), $content),
‘data’ => Horde_Text_Filter::filter(
str_replace(array_keys($tags), array_values($tags), $content),
‘xss’
),
‘status’ => array(),
‘type’ => ‘text/html; charset=UTF-8’
)
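Review bot: The added `Horde_Text_Filter::filter(..., 'xss')` call on the `'data'` value has no comment explaining why it wraps the `str_replace()` result rather than `$content`, and that ordering is the security-relevant part: the filter has to see the final string, after tag substitution, because that string is what is returned as `text/html`. I would add a comment above the call such as `// Untrusted document markup: sanitize the final HTML, after tag substitution, before returning it as text/html.` The hunk covers only the `content.xml` branch, and `_render()` starts and ends outside it, so it is worth confirming that no other return path hands back unfiltered XSLT output. A regression test that renders a document carrying active content in `content.xml` and asserts it is absent from `'data'` would pin the fix. The filter is presumably pattern-based, so serving this part under a restrictive Content-Security-Policy or in a sandboxed frame would be a sensible second layer.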