Lucene search
K

2034 matches found

Fedora
Fedora
added 2011/09/30 7:42 p.m.13 views

[SECURITY] Fedora 16 Update: roundcubemail-0.5.4-1.fc16

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

0.3AI score
Exploits0
NVD
NVD
added 2011/09/21 4:55 p.m.18 views

CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

4.3CVSS6AI score0.02453EPSS
Exploits1References10
OSV
OSV
added 2011/09/21 4:55 p.m.6 views

CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

6AI score
Exploits0References12
OSV
OSV
added 2011/09/21 4:55 p.m.2 views

DEBIAN-CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

4.3CVSS5.8AI score0.02453EPSS
Exploits1References1
Prion
Prion
added 2011/09/21 4:55 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

4.3CVSS6AI score0.02453EPSS
Exploits1References10Affected Software1
UbuntuCve
UbuntuCve
added 2011/09/21 4:55 p.m.24 views

CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

4.3CVSS6.4AI score0.02453EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2011/09/21 4:0 p.m.24 views

CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

4.3CVSS5.7AI score0.02453EPSS
Exploits1
CVE
CVE
added 2011/09/21 4:0 p.m.62 views

CVE-2011-2937

Roundcube Webmail vulnerability CVE-2011-2937 is a cross-site scripting (XSS) flaw in the UI messages functionality present before version 0.5.4. The issue allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. The description specifies the vuln...

4.3CVSS5.9AI score0.02453EPSS
Exploits1References10Affected Software1
OpenVAS
OpenVAS
added 2011/09/21 12:0 a.m.16 views

FreeBSD Ports: roundcube

The remote host is missing an update to the system as announced in the referenced advisory. VID 4ae68e7c-dda4-11e0-a906-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID 4ae68e7c-dda4-11e0-a906-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

4.3CVSS6.2AI score0.02453EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/09/21 12:0 a.m.26 views

FreeBSD Ports: roundcube

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.2AI score0.02453EPSS
Exploits1
Fedora
Fedora
added 2011/09/14 10:35 p.m.11 views

[SECURITY] Fedora 15 Update: roundcubemail-0.5.4-1.fc15

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/09/13 12:0 a.m.19 views

FreeBSD : roundcube -- XSS vulnerability (4ae68e7c-dda4-11e0-a906-00215c6a37bb)

RoundCube development Team reports : We just published a new release which fixes a recently reported XSS vulnerability as an update to the stable 0.5 branch. Please update your installations with this new version or patch them with the fix which is also published in the downloads section or our...

4.3CVSS6AI score0.02453EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2011/08/09 12:0 a.m.40 views

roundcube -- XSS vulnerability

RoundCube development Team reports: We just published a new release which fixes a recently reported XSS vulnerability as an update to the stable 0.5 branch. Please update your installations with this new version or patch them with the fix which is also published in the downloads section or our...

4.3CVSS5.9AI score0.02453EPSS
Exploits1
OSV
OSV
added 2011/04/08 3:17 p.m.4 views

CVE-2011-1492

steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...

6.1AI score
Exploits0References7
NVD
NVD
added 2011/04/08 3:17 p.m.17 views

CVE-2011-1491

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an...

3.5CVSS5.6AI score0.01519EPSS
Exploits0References6
NVD
NVD
added 2011/04/08 3:17 p.m.23 views

CVE-2011-1492

steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...

5.5CVSS6.2AI score0.01763EPSS
Exploits0References7
OSV
OSV
added 2011/04/08 3:17 p.m.4 views

CVE-2011-1491

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an...

5.8AI score
Exploits0References6
OSV
OSV
added 2011/04/08 3:17 p.m.1 views

DEBIAN-CVE-2011-1492

steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...

5.5CVSS6.8AI score0.01763EPSS
Exploits0References1
OSV
OSV
added 2011/04/08 3:17 p.m.2 views

DEBIAN-CVE-2011-1491

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an...

3.5CVSS6.3AI score0.01519EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2011/04/08 3:17 p.m.20 views

CVE-2011-1491

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an...

3.5CVSS5.9AI score0.01519EPSS
Exploits0References1
Rows per page
Query Builder