3 matches found
[ MDVSA-2013:226 ] roundcubemail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:226 http://www.mandriva.com/en/support/security/ Package : roundcubemail Date : September 5, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been...
Mandriva Linux Security Advisory : roundcubemail (MDVSA-2013:226)
Multiple vulnerabilities has been discovered and corrected in roundcubemail : Multiple cross-site scripting XSS vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in 1 new or 2 draft mode,...
CVE-2013-5645
CVE-2013-5645 pertains to multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before version 0.9.3. The issues allow user-assisted remote attackers to inject arbitrary script/HTML via the body of a message viewed in new or draft mode (compose.inc) and may also enable injectio...