Lucene search

CVE-2012-3507

🗓️ 25 Aug 2012 10:52:29Reported by redhatType

cve🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

CVE-2012-3507 Cross-site scripting (XSS) vulnerability in RoundCube Webmai

Reporter	Title	Published	Views	Family All 17
Debian CVE	CVE-2012-3507	25 Aug 201210:29	–	debiancve
UbuntuCve	CVE-2012-3507	25 Aug 201200:00	–	ubuntucve
Cvelist	CVE-2012-3507	25 Aug 201210:00	–	cvelist
NVD	CVE-2012-3507	25 Aug 201210:29	–	nvd
Prion	Cross site scripting	25 Aug 201210:29	–	prion
OpenVAS	Fedora Update for roundcubemail FEDORA-2012-12362	30 Aug 201200:00	–	openvas
OpenVAS	Fedora Update for roundcubemail FEDORA-2012-12357	30 Aug 201200:00	–	openvas
OpenVAS	Fedora Update for roundcubemail FEDORA-2012-12357	30 Aug 201200:00	–	openvas
OpenVAS	Fedora Update for roundcubemail FEDORA-2012-12362	30 Aug 201200:00	–	openvas
Fedora	[SECURITY] Fedora 18 Update: roundcubemail-0.7.3-1.fc18	17 Sep 201223:27	–	fedora

Nvd

Node

roundcube webmailRange≤0.7.3

roundcube webmailMatch0.1

roundcube webmailMatch0.120050811

roundcube webmailMatch0.120050820

roundcube webmailMatch0.120051007

roundcube webmailMatch0.120051021

roundcube webmailMatch0.1alpha

roundcube webmailMatch0.1beta

roundcube webmailMatch0.1beta2

roundcube webmailMatch0.1rc1

roundcube webmailMatch0.1rc2

roundcube webmailMatch0.1stable

roundcube webmailMatch0.1.1

roundcube webmailMatch0.2

roundcube webmailMatch0.2alpha

roundcube webmailMatch0.2beta

roundcube webmailMatch0.2stable

roundcube webmailMatch0.2.1

roundcube webmailMatch0.2.2

roundcube webmailMatch0.3

roundcube webmailMatch0.3beta

roundcube webmailMatch0.3rc1

roundcube webmailMatch0.3stable

roundcube webmailMatch0.3.1

roundcube webmailMatch0.4

roundcube webmailMatch0.4beta

roundcube webmailMatch0.4.1

roundcube webmailMatch0.4.2

roundcube webmailMatch0.5

roundcube webmailMatch0.5beta

roundcube webmailMatch0.5rc

roundcube webmailMatch0.5.1

roundcube webmailMatch0.5.2

roundcube webmailMatch0.5.3

roundcube webmailMatch0.5.4

roundcube webmailMatch0.6

roundcube webmailMatch0.7

roundcube webmailMatch0.7.1

roundcube webmailMatch0.7.2

Source	Link
securelist	www.securelist.com/en/advisories/50212
sourceforge	www.sourceforge.net/projects/roundcubemail/files/roundcubemail/0.8.0/
openwall	www.openwall.com/lists/oss-security/2012/08/20/3
trac	www.trac.roundcube.net/ticket/1488519
openwall	www.openwall.com/lists/oss-security/2012/08/20/9
secunia	www.secunia.com/advisories/50212
openwall	www.openwall.com/lists/oss-security/2012/08/20/2

Parameter	Position	Path	Description	CWE
subject	request body	/program/steps/mail/func.inc	Cross-site scripting (XSS) vulnerability allowing injection of arbitrary web script or HTML via email subject.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Aug 2012 10:29Current

5.5Medium risk

Vulners AI Score5.5

CVSS22.6

EPSS0.00504

CWE-79