7 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-57004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-Site Scripting XSS vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading t...
Roundcube Webmail <= 1.6.9 XSS Vulnerability - Windows
Roundcube Webmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-57004
Cross-Site Scripting XSS vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session...
CVE-2024-57004
creationtimestamp| type| source ---|---|--- 2025-02-03 18:47:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113941444193551327 2025-02-03 19:16:17+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcawyo7rz2t...
CVE-2024-57004
CVE-2024-57004 affects Roundcube Webmail 1.6.9. An XSS exists where remote authenticated users can upload a malicious file as an email attachment, with the XSS triggered when visiting the SENT session. The description specifies the vulnerable component is the attachment upload path and the conseq...
CVE-2024-57004
Cross-Site Scripting XSS vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session...
CVE-2024-57004
Cross-Site Scripting XSS vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session...