Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-2937
HistorySep 21, 2011 - 4:55 p.m.

CVE-2011-2937

2011-09-2116:55:03
CWE-79
[email protected]
web.nvd.nist.gov
24
"cve-2011-2937
cross-site scripting
xss
roundcube webmail
webmail security
nvd"

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.7%

JSON

Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI.

Affected configurations

NVD
Node
roundcubewebmailRange0.5.3
OR
roundcubewebmailMatch0.1
OR
roundcubewebmailMatch0.1alpha
OR
roundcubewebmailMatch0.1beta
OR
roundcubewebmailMatch0.1beta2
OR
roundcubewebmailMatch0.1rc1
OR
roundcubewebmailMatch0.1rc2
OR
roundcubewebmailMatch0.1.1
OR
roundcubewebmailMatch0.2
OR
roundcubewebmailMatch0.2alpha
OR
roundcubewebmailMatch0.2beta
OR
roundcubewebmailMatch0.2.1
OR
roundcubewebmailMatch0.3
OR
roundcubewebmailMatch0.3beta
OR
roundcubewebmailMatch0.3rc1
OR
roundcubewebmailMatch0.3.1
OR
roundcubewebmailMatch0.4
OR
roundcubewebmailMatch0.4beta
OR
roundcubewebmailMatch0.4.1
OR
roundcubewebmailMatch0.4.2
OR
roundcubewebmailMatch0.5
OR
roundcubewebmailMatch0.5beta
OR
roundcubewebmailMatch0.5rc
OR
roundcubewebmailMatch0.5.1
OR
roundcubewebmailMatch0.5.2

Related

openvas 4
prion 2
freebsd 1
cvelist 2
nvd 2
nessus 2
ubuntucve 2
debiancve 2
cve 1
securityvulns 2
openvas
openvas
FreeBSD Ports: roundcube
2011-09-21 00:00:00
FreeBSD Ports: roundcube
2011-09-21 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00
prion
prion
Cross site scripting
2011-09-21 16:55:00
Cross site scripting
2016-01-29 19:59:00
freebsd
freebsd
roundcube -- XSS vulnerability
2011-08-09 00:00:00
cvelist
cvelist
CVE-2011-2937
2011-09-21 16:00:00
CVE-2015-8793
2022-10-03 16:15:59
nvd
nvd
CVE-2011-2937
2011-09-21 16:55:03
CVE-2015-8793
2016-01-29 19:59:05
nessus
nessus
FreeBSD : roundcube -- XSS vulnerability (4ae68e7c-dda4-11e0-a906-00215c6a37bb)
2011-09-13 00:00:00
Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)
2012-02-02 00:00:00
ubuntucve
ubuntucve
CVE-2011-2937
2011-09-21 00:00:00
CVE-2015-8793
2016-01-29 00:00:00
debiancve
debiancve
CVE-2011-2937
2011-09-21 16:55:03
CVE-2015-8793
2022-10-03 16:15:59
cve
cve
CVE-2015-8793
2022-10-03 16:15:59
securityvulns
securityvulns
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001
2012-02-03 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.7%

JSON
Related for CVE-2011-2937
openvas4prion2freebsd1cvelist2nvd2nessus2ubuntucve2debiancve2cve1securityvulns2