CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
82.1%
Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | roundcubemail | < 1.6.8-1 | roundcubemail-1.6.8-1.mga9 |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
82.1%