Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-5646HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-5646
2022-10-0316:14:55
Debian Security Bug Tracker
security-tracker.debian.org
8
cve-2013-5646
xss
roundcube webmail
name field
addressbook group
remote authenticated users
web script
html
unix
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
32.8%
Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | roundcube | < 1.6.5+dfsg-1~deb12u1 | roundcube_1.6.5+dfsg-1~deb12u1_all.deb |
| Debian | 11 | all | roundcube | < 1.4.15+dfsg.1-1~deb11u2 | roundcube_1.4.15+dfsg.1-1~deb11u2_all.deb |
| Debian | 10 | all | roundcube | < 1.3.17+dfsg.1-1~deb10u2 | roundcube_1.3.17+dfsg.1-1~deb10u2_all.deb |
| Debian | 999 | all | roundcube | < 1.6.7+dfsg-1 | roundcube_1.6.7+dfsg-1_all.deb |
| Debian | 13 | all | roundcube | < 1.6.7+dfsg-1 | roundcube_1.6.7+dfsg-1_all.deb |
Related
cve
cve
CVE-2013-5646
2022-10-03 16:14:55
cvelist
cvelist
CVE-2013-5646
2022-10-03 16:14:55
prion
prion
Cross site scripting
2013-08-29 12:07:00
nvd
nvd
CVE-2013-5646
2013-08-29 12:07:56
openvas
openvas
Roundcube Webmail 1.0-git XSS Vulnerability
2019-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2013-5646
2013-08-29 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
32.8%
Related for DEBIANCVE:CVE-2013-5646