Lucene search
GoogleOSV:CVE-2017-6820HistoryMar 12, 2017 - 5:59 a.m.
CVE-2017-6820
2017-03-1205:59:00
Google
osv.dev
4
0.002 Low
EPSS
Percentile
58.8%
rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
References
www.securityfocus.com/bid/96817
github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4
github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
github.com/roundcube/roundcubemail/releases/tag/1.1.8
github.com/roundcube/roundcubemail/releases/tag/1.2.4
github.com/roundcube/roundcubemail/wiki/Changelog#release-124
roundcube.net/news/2017/03/10/updates-1.2.4-and-1.1.8-released
Related
seebug
seebug
Roundcube mail body of the stored cross site Vulnerability(CVE-2017-6820)
2017-03-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-855-1)
2018-01-11 00:00:00
Roundcube Webmail < 1.1.8, 1.2.x < 1.2.4 XSS Vulnerability
2017-03-13 00:00:00
Mageia: Security Advisory (MGASA-2017-0092)
2022-01-28 00:00:00
archlinux
archlinux
[ASA-201703-10] roundcubemail: cross-site scripting
2017-03-14 00:00:00
mageia
mageia
Updated roundcubemail package fixes security vulnerability
2017-03-28 00:27:33
nvd
nvd
CVE-2017-6820
2017-03-12 05:59:00
nessus
nessus
Debian DLA-855-1 : roundcube security update
2017-03-14 00:00:00
openSUSE Security Update : roundcubemail (openSUSE-2017-355)
2017-03-20 00:00:00
prion
prion
Cross site scripting
2017-03-12 05:59:00
cvelist
cvelist
CVE-2017-6820
2017-03-12 04:57:00
ubuntucve
ubuntucve
CVE-2017-6820
2017-03-12 00:00:00
cve
cve
CVE-2017-6820
2017-03-12 05:59:00
debiancve
debiancve
CVE-2017-6820
2017-03-12 05:59:00
debian
debian
[SECURITY] [DLA 855-1] roundcube security update
2017-03-13 22:30:09
osv
osv
roundcube - security update
2017-03-13 00:00:00