CVE-2020-18670

2021-06-2419:15:08

Google

osv.dev

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

JSON

Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.

CPENameOperatorVersion
roundcubemaileq1.4-rc2
roundcubemaileq1.1.0
roundcubemaileq1.4-beta
roundcubemaileq1.4.1
roundcubemaileq1.4.4
roundcubemaileq1.0-beta
roundcubemaileq1.4.0
roundcubemaileq0.1-beta2
roundcubemaileq1.1-rc
roundcubemaileq1.4-rc1

Name	Operator	Version
roundcubemail	eq	1.4-rc2
roundcubemail	eq	1.1.0
roundcubemail	eq	1.4-beta
roundcubemail	eq	1.4.1
roundcubemail	eq	1.4.4
roundcubemail	eq	1.0-beta
roundcubemail	eq	1.4.0
roundcubemail	eq	0.1-beta2
roundcubemail	eq	1.1-rc
roundcubemail	eq	1.4-rc1