Lucene search
K

5 matches found

NVD
NVD
added 2015/11/10 5:59 p.m.16 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS6.5AI score0.01459EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/11/10 5:59 p.m.20 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS7.2AI score0.01459EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2015/11/10 4:0 p.m.16 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

3.5CVSS6.4AI score0.01459EPSS
Exploits0
CVE
CVE
added 2015/11/10 4:0 p.m.56 views

CVE-2015-8105

CVE-2015-8105 affects Roundcube webmail, specifically the vulnerable component is program/js/app.js. The XSS flaw arises in the drag-and-drop file upload via the filename field, impacting Roundcube versions before 1.0.7 and 1.1.x before 1.1.3. Exploitation requires remote authenticated access, en...

3.5CVSS6.3AI score0.01459EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/11/10 4:0 p.m.23 views

CVE-2015-8105

Cross-site scripting XSS vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload...

6.5AI score0.01459EPSS
Exploits0References4
Rows per page
Query Builder