Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-5646
cve-2013-5646
cross-site scripting
xss
roundcube webmail
remote authenticated users
addressbook group
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.8%
Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group.
Affected configurations
Node
roundcubewebmailMatch1.0git
| CPE | Name | Operator | Version |
|---|---|---|---|
| roundcube:webmail | roundcube webmail | eq | 1.0 |
References
Related
openvas
openvas
Roundcube Webmail 1.0-git XSS Vulnerability
2019-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2013-5646
2013-08-29 00:00:00
debiancve
debiancve
CVE-2013-5646
2022-10-03 16:14:55
cvelist
cvelist
CVE-2013-5646
2022-10-03 16:14:55
prion
prion
Cross site scripting
2013-08-29 12:07:00
nvd
nvd
CVE-2013-5646
2013-08-29 12:07:56
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.8%
Related for CVE-2013-5646