4 matches found
Roundcube Webmail < 1.0.6, 1.1.x < 1.1.2 XSS Vulnerability
Roundcube Webmail is prone to a cross-site scripting XSS vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2015-8793
Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937...
CVE-2015-8793
Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937...
CVE-2015-8793
The CVE refers to a Cross-site scripting (XSS) vulnerability in Roundcube Webmail affecting the file program/include/rcmail.php, specifically in versions before 1.0.6 and 1.1.x before 1.1.2. The underlying issue is an XSS vector via the _mbox parameter in a mail task to the default URL, enabling ...