Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD4AE68E7C-DDA4-11E0-A906-00215C6A37BB
HistoryAug 09, 2011 - 12:00 a.m.

roundcube -- XSS vulnerability

2011-08-0900:00:00
vuxml.freebsd.org
29

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.004

Percentile

74.6%

JSON

RoundCube development Team reports:

We just published a new release which fixes a recently
reported XSS vulnerability as an update to the stable 0.5
branch. Please update your installations with this new
version or patch them with the fix which is also published
in the downloads section or our sourceforge.net page.

and:

During one of pen-tests I found that _mbox parameter is not
properly sanitized and reflected XSS attack is possible.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchroundcube< 0.5.4,1UNKNOWN

Related

ubuntucve 2
nessus 2
openvas 4
cve 2
nvd 2
debiancve 2
cvelist 2
prion 2
securityvulns 2
ubuntucve
ubuntucve
CVE-2011-2937
2011-09-21 00:00:00
CVE-2015-8793
2016-01-29 00:00:00
nessus
nessus
FreeBSD : roundcube -- XSS vulnerability (4ae68e7c-dda4-11e0-a906-00215c6a37bb)
2011-09-13 00:00:00
Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)
2012-02-02 00:00:00
openvas
openvas
FreeBSD Ports: roundcube
2011-09-21 00:00:00
FreeBSD Ports: roundcube
2011-09-21 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00
cve
cve
CVE-2011-2937
2011-09-21 16:55:03
CVE-2015-8793
2016-01-29 19:59:05
nvd
nvd
CVE-2011-2937
2011-09-21 16:55:03
CVE-2015-8793
2016-01-29 19:59:05
debiancve
debiancve
CVE-2011-2937
2011-09-21 16:55:03
CVE-2015-8793
2016-01-29 19:59:05
cvelist
cvelist
CVE-2011-2937
2011-09-21 16:00:00
CVE-2015-8793
2016-01-29 19:00:00
prion
prion
Cross site scripting
2011-09-21 16:55:00
Cross site scripting
2016-01-29 19:59:00
securityvulns
securityvulns
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001
2012-02-03 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.004

Percentile

74.6%

JSON
Related for 4AE68E7C-DDA4-11E0-A906-00215C6A37BB
ubuntucve2nessus2openvas4cve2nvd2debiancve2cvelist2prion2securityvulns2