CVE-2021-44025

🗓️ 19 Nov 2021 03:47:48Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 105 Views

Roundcube before 1.3.17 and 1.4.x before 1.4.12 prone to XSS in attachment handlin

Reporter	Title	Published	Views	Family All 49
Circl	CVE-2021-44025	19 Nov 202107:16	–	circl
CNNVD	Roundcube Webmail 跨站脚本漏洞	19 Nov 202100:00	–	cnnvd
Cvelist	CVE-2021-44025	19 Nov 202103:47	–	cvelist
Debian	[SECURITY] [DLA 2840-1] roundcube security update	6 Dec 202118:21	–	debian
Debian	[SECURITY] [DSA 5013-1] roundcube security update	27 Nov 202109:47	–	debian
Debian	[SECURITY] [DSA 5013-1] roundcube security update	27 Nov 202109:47	–	debian
Debian CVE	CVE-2021-44025	19 Nov 202103:47	–	debiancve
Tenable Nessus	Debian DLA-2840-1 : roundcube - LTS security update	8 Dec 202100:00	–	nessus
Tenable Nessus	Debian DSA-5013-1 : roundcube - security update	29 Nov 202100:00	–	nessus
Tenable Nessus	GLSA-202507-10 : Roundcube: Multiple Vulnerabilities	22 Jul 202500:00	–	nessus

NVD

Node

roundcube webmailRange1.4.0–1.4.12

Node

Node

Source	Link
bugs	www.bugs.debian.org/1000156
github	www.github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/
lists	www.lists.debian.org/debian-lts-announce/2021/12/msg00004.html
github	www.github.com/roundcube/roundcubemail/issues/8193
github	www.github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7
debian	www.debian.org/security/2021/dsa-5013

21 Nov 2024 06:30Current

7.2High risk

Vulners AI Score7.2

CVSS 24.3

CVSS 3.16.1

EPSS0.00629