3 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS- Protection header, and the Content-Security-Policy...
Debian: Security Advisory (DLA-3435-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-13389
Summary of CVE-2019-13389 : RainLoop Webmail prior to 1.13.0 is vulnerable due to missing XSS protections (no xlink:href validation, no X-XSS-Protection header, and no Content-Security-Policy header). The vulnerability can lead to cross-site scripting as described in multiple sources. Exploitatio...