Lucene search
K

5 matches found

Mageia
Mageia
added 2025/06/11 5:43 p.m.15 views

Updated roundcubemail packages fix security vulnerability

A Post-Auth RCE was announced and fixed in the latest release...

9.9CVSS9.8AI score0.94741EPSS
Exploits29References5
OSV
OSV
added 2021/07/06 4:6 a.m.7 views

OPENSUSE-SU-2021:0974-1 Security update for roundcubemail

This update for roundcubemail fixes the following issues: Upgrade to version 1.3.16 This is a security update to the LTS version 1.3. It fixes a recently reported stored cross-site scripting XSS vulnerability via HTML or plain text messages with malicious content. References: - CVE-2020-18670:...

6.1CVSS6AI score0.32823EPSS
Exploits3References7
OSV
OSV
added 2016/12/29 11:39 p.m.8 views

MGASA-2016-0430 Updated roundcubemail packages fix security vulnerability

Users can execute commands on the server by writing e-mails, due to insufficient sanitation of the from field when calling PHP's mail function CVE-2016-9920. Note that only roundcubemail installations that don't have an SMTP server configured for mail delivery are affected...

7.5CVSS7.7AI score0.05621EPSS
Exploits2References4
OSV
OSV
added 2015/11/07 8:11 p.m.3 views

MGASA-2015-0438 Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.7, which fixes a XSS issue in drag-n-drop file uploads and other bugs. See the upstream release announcement for more details...

6.2AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : roundcubemail (openSUSE-SU-2012:1124-1)

Update to version 0.8.1 - lot of bugfixes and new features including new skin please check the CHANGELOG - contains security related fixes bnc777446 - Fix XSS vulnerability in message subject handling using Larry skin CVE-2012-3507 - Fix XSS issue where plain signatures wasn't secured in HTML...

4.3CVSS7.7AI score0.04198EPSS
Exploits1References4
Rows per page
Query Builder