10 matches found
SUSE CVE-2015-8864
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068...
CVE-2015-8864
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068...
CVE-2015-8864
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068...
CVE-2015-8864
CVE-2015-8864 is an XSS vulnerability in Roundcube Webmail, exploitable through a crafted SVG. Affected products are Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5. The issue allows remote attackers to inject arbitrary web script or HTML. The description explicitly notes this is a separate...
CVE-2015-8864
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068...
openSUSE Security Update : roundcubemail (openSUSE-2016-1011)
This update for roundcubemail updates roundcubemail to 1.0.9 and fixes the following issues : - CVE-2015-8864 XSS issue in SVG image handling boo976988 - CVE-2015-2181 Security issue in DBMail driver of password plugin %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
openSUSE Security Update : roundcubemail (openSUSE-2016-996)
This update for roundcubemail fixes the following vulnerabilities : - CVE-2015-8864: XSS issue in SVG images handling boo976988 - CVE-2015-2181: issue in DBMail driver of password plugin Roundcubemail was also updated to 1.0.9, fixing the following bugs : - Fix a regression where some contact dat...
openSUSE Security Update : roundcubemail (openSUSE-2016-995)
This update for roundcubemail fixes the following vulnerabilities : - CVE-2015-8864: XSS issue in SVG images handling boo976988 - CVE-2015-2181: issue in DBMail driver of password plugin - CVE-2016-4069: Cross-site request forgery in download URLs boo976988 Roundcubemail was also updated to 1.1.5...
Fedora Update for roundcubemail FEDORA-2016-69
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated roundcubemail packages fix security vulnerabilities
Updated roundcubemail packages fix security vulnerabilities: More security issues in the DBMail driver for the password plugin, related to CVE-2015-2181. XSS issue in SVG images handling CVE-2015-8864. Lack of protection for attachment download URLs against CSRF CVE-2016-4069. The roundcubemail...