61 matches found
CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
DEBIAN-CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
Cross site scripting
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
Cross site scripting
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
UBUNTU-CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
UBUNTU-CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
CVE-2020-18671
Summary: CVE-2020-18671 is a Cross Site Scripting (XSS) vulnerability in Roundcube Mail that can be triggered via the SMTP config path in /installer/test.php. Connected sources (OSV/OpenSUSE advisories) confirm affected versions up to 1.4.x and indicate remediation by upgrading to Roundcube 1.3.1...
CVE-2020-18671
Cross Site Scripting XSS vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php...
CVE-2020-18670
CVE-2020-18670 affects Roundcube Webmail with stored XSS in /installer/test.php via database host/user input. Publicly documented impact is XSS vulnerability in Roundcube 1.3.x/LTS releases, with openSUSE advisories noting a fix by upgrading to Roundcube 1.3.16 (security update openSUSE-SU-2021:1...
CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
CVE-2020-18670
Cross Site Scripting XSS vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php...
The vulnerability in webmail for AJAX Roundcube-based IMAP servers relates to deficiencies in the security measures used to protect website structures. This vulnerability allows attackers to compromise data integrity.
The vulnerability of webmail for IMAP servers based on AJAX Roundcube is related to deficiencies in the security measures used to protect website structures. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...
MGASA-2020-0301 Updated roundcubemail packages fix security vulnerability
This update fixes a recently reported cross-site scripting XSS vulnerability via HTML messages with malicious svg/namespace...
PT-2020-6405 · Unknown +2 · Roundcubemail +2
Name of the Vulnerable Software and Affected Versions: Roundcube Mail versions prior to 1.4.5 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It is associated with the smtp config in the installer. The vulnerability may allow a remote attacker to impact data...
MGASA-2018-0288 Updated roundcubemail packages fix security vulnerability
Updated roundcubemail package fixes security vulnerability: This update fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. CVE-2018-9846...