Lucene search
K

8 matches found

seebug.org
seebug.org
added 2017/03/16 12:0 a.m.59 views

RoundCube Webmail mail <1.0.5 body stored XSS(CVE-2015-1433)

RoundCube Webmail is a foreign use of a wide an open source php e-mail system, the meaning is still quite large. roundcube webmail official website: , download the latest version. /program/lib/Roundcube/rcubewashtml.php this file is actually a rich text filter class class rcubewashtml it. roundcu...

4.3CVSS8.5AI score0.03279EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2016/09/09 12:0 a.m.34 views

Debian DLA-613-1 : roundcube security update

Multiple CSRF and XSS issues allow remote attackers to hijack the authentication and execute roundcube operations without the consent of the user. In some cases, this could result in data loss or data theft. CVE-2014-9587 Multiple cross-site request forgery CSRF vulnerabilities in allow remote...

8.8CVSS7.6AI score0.03279EPSS
Exploits2References5
OSV
OSV
added 2016/09/08 12:0 a.m.27 views

DLA-613-1 roundcube - security update

Bulletin has no description...

8.8CVSS8.5AI score0.03279EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/02/16 12:0 a.m.43 views

openSUSE Security Update : roundcubemail (openSUSE-2015-148)

roundcubemail was updated to version 1.0.5 to fix one security issue. This security issue was fixed : - CVE-2015-1433: program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 did not properly quote strings, which allowed remote attackers to conduct cross-site scripting XSS attacks via th...

4.3CVSS7.5AI score0.03279EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/02/15 12:0 a.m.23 views

Fedora Update for roundcubemail FEDORA-2015-1772

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2015/02/15 12:0 a.m.25 views

Fedora Update for roundcubemail FEDORA-2015-1761

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2AI score
Exploits0References2
OSV
OSV
added 2015/02/03 4:59 p.m.8 views

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

7.9AI score
Exploits0References10
CVE
CVE
added 2015/02/03 4:0 p.m.72 views

CVE-2015-1433

CVE-2015-1433 affects Roundcube (Roundcube Webmail) where the file program/lib/Roundcube/rcube_washtml.php mishandles quoting in the HTML style attribute, enabling remote XSS via email content. The vulnerability arises from incorrect quotation logic during sanitization of the style HTML attribute...

4.3CVSS7.8AI score0.03279EPSS
Exploits2References8Affected Software1
Rows per page
Query Builder