Lucene search
MitreCVELIST:CVE-2015-1433HistoryFeb 03, 2015 - 4:00 p.m.
CVE-2015-1433
2015-02-0316:00:00
mitre
www.cve.org
program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute in an email.
References
lists.fedoraproject.org/pipermail/package-announce/2015-February/149877.html
lists.opensuse.org/opensuse-updates/2015-02/msg00064.html
roundcube.net/news/2015/01/24/security-update-1.0.5/
trac.roundcube.net/changeset/786aa0725/github
trac.roundcube.net/ticket/1490227
www.openwall.com/lists/oss-security/2015/01/31/3
www.openwall.com/lists/oss-security/2015/01/31/6
www.securityfocus.com/bid/72401
Related
nessus
nessus
openSUSE Security Update : roundcubemail (openSUSE-2015-148)
2015-02-16 00:00:00
Fedora 20 : roundcubemail-1.0.5-1.fc20 (2015-1761)
2015-02-16 00:00:00
Fedora 21 : roundcubemail-1.0.5-1.fc21 (2015-1772)
2015-02-16 00:00:00
debiancve
debiancve
CVE-2015-1433
2015-02-03 16:59:24
seebug
seebug
RoundCube Webmail mail <1.0.5 body stored XSS(CVE-2015-1433)
2017-03-16 00:00:00
ubuntucve
ubuntucve
CVE-2015-1433
2015-02-03 00:00:00
cve
cve
CVE-2015-1433
2015-02-03 16:59:24
nvd
nvd
CVE-2015-1433
2015-02-03 16:59:24
prion
prion
Cross site scripting
2015-02-03 16:59:00
openvas
openvas
Fedora Update for roundcubemail FEDORA-2015-1761
2015-02-15 00:00:00
Fedora Update for roundcubemail FEDORA-2015-1772
2015-02-15 00:00:00
Debian: Security Advisory (DLA-613-1)
2018-02-07 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20
2015-02-15 03:30:22
[SECURITY] Fedora 21 Update: roundcubemail-1.0.5-1.fc21
2015-02-15 03:18:57
osv
osv
roundcube - security update
2016-09-08 00:00:00
debian
debian
[SECURITY] [DLA 613-1] roundcube security update
2016-09-08 09:58:47