8 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-29360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message. CVE-2022-29360 Note that Nessus relies on the presence of the package as...
Debian: Security Advisory (DLA-3435-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2022-29360
The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message...
CVE-2022-29360
The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message...
CVE-2022-29360
The CVE-2022-29360 issue affects RainLoop’s Email Viewer (RainLoop) when processing HTML content in emails, enabling cross‑site scripting via a crafted text/html email message in versions up to 1.6.0. Technical sources reference this XSS in RainLoop’s Email Viewer and note remediation in Debian: ...
CVE-2022-29360
Removed by vendor...
FreeBSD : rainloop -- cross-site-scripting (XSS) vulnerability (a8118db0-cac2-11ec-9288-0800270512f4)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a8118db0-cac2-11ec-9288-0800270512f4 advisory. - The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message. CVE-2022-29360 Not...
Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails
An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability ... can be easily exploited by an attacker by sending a malicious email to a victim that uses...