Lucene search
HistoryJun 04, 2012 - 3:55 p.m.
CVE-2012-1253
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.003
Percentile
65.7%
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.
Affected configurations
Node
roundcubewebmailRange≤0.6
ORroundcubewebmailMatch0.1
ORroundcubewebmailMatch0.1alpha
ORroundcubewebmailMatch0.1beta
ORroundcubewebmailMatch0.1beta2
ORroundcubewebmailMatch0.1rc1
ORroundcubewebmailMatch0.1rc2
ORroundcubewebmailMatch0.1.1
ORroundcubewebmailMatch0.2
ORroundcubewebmailMatch0.2alpha
ORroundcubewebmailMatch0.2beta
ORroundcubewebmailMatch0.2.1
ORroundcubewebmailMatch0.2.2
ORroundcubewebmailMatch0.3
ORroundcubewebmailMatch0.3beta
ORroundcubewebmailMatch0.3rc1
ORroundcubewebmailMatch0.3.1
ORroundcubewebmailMatch0.4
ORroundcubewebmailMatch0.4beta
ORroundcubewebmailMatch0.4.1
ORroundcubewebmailMatch0.4.2
ORroundcubewebmailMatch0.5
ORroundcubewebmailMatch0.5beta
ORroundcubewebmailMatch0.5rc
ORroundcubewebmailMatch0.5.1
ORroundcubewebmailMatch0.5.2
ORroundcubewebmailMatch0.5.3
ORroundcubewebmailMatch0.5.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| roundcube | webmail | * | cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:*:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:alpha:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:beta:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:beta2:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:rc1:*:*:*:*:*:* |
| roundcube | webmail | 0.1 | cpe:2.3:a:roundcube:webmail:0.1:rc2:*:*:*:*:*:* |
| roundcube | webmail | 0.1.1 | cpe:2.3:a:roundcube:webmail:0.1.1:*:*:*:*:*:*:* |
| roundcube | webmail | 0.2 | cpe:2.3:a:roundcube:webmail:0.2:*:*:*:*:*:*:* |
| roundcube | webmail | 0.2 | cpe:2.3:a:roundcube:webmail:0.2:alpha:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2012-1253
2012-06-04 00:00:00
prion
prion
Cross site scripting
2012-06-04 15:55:00
cvelist
cvelist
CVE-2012-1253
2022-10-03 16:15:24
debiancve
debiancve
CVE-2012-1253
2022-10-03 16:15:24
cve
cve
CVE-2012-1253
2022-10-03 16:15:24
jvn
jvn
JVN#21422837: Roundcube Webmail vulnerable to cross-site scripting
2012-05-25 00:00:00
openvas
openvas
Fedora Update for roundcubemail FEDORA-2012-9329
2012-06-25 00:00:00
Fedora Update for roundcubemail FEDORA-2012-9329
2012-06-25 00:00:00
Fedora Update for roundcubemail FEDORA-2012-9337
2012-06-25 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: roundcubemail-0.7.2-2.fc16
2012-06-22 08:37:12
[SECURITY] Fedora 15 Update: roundcubemail-0.7.2-2.fc15
2012-06-22 08:39:24
nessus
nessus
Fedora 15 : roundcubemail-0.7.2-2.fc15 (2012-9329)
2012-06-25 00:00:00
Fedora 16 : roundcubemail-0.7.2-2.fc16 (2012-9337)
2012-06-25 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.003
Percentile
65.7%
Related for NVD:CVE-2012-1253