Lucene search
K

5 matches found

NVD
NVD
added 2015/11/10 5:59 p.m.16 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS6.5AI score0.01459EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/11/10 5:59 p.m.21 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS7.2AI score0.01459EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/11/10 4:0 p.m.23 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

6.5AI score0.01459EPSS
Exploits0References4
CVE
CVE
added 2015/11/10 4:0 p.m.56 views

CVE-2015-8105

CVE-2015-8105 affects Roundcube webmail, specifically the vulnerable component is program/js/app.js. The XSS flaw arises in the drag-and-drop file upload via the filename field, impacting Roundcube versions before 1.0.7 and 1.1.x before 1.1.3. Exploitation requires remote authenticated access, en...

3.5CVSS6.3AI score0.01459EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2015/11/10 4:0 p.m.22 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS6.4AI score0.01459EPSS
Exploits0
Rows per page
Query Builder