Webmail@0.5.2 Security Vulnerabilities and Issues — Webmail@0.5.2 CVE List

Lucene search

RoundcubeWebmail0.5.2

2 matches found

CVE•added 2011/11/03 3:55 p.m.•50 views

CVE-2011-4078

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CV...

5CVSS6.8AI score0.01085EPSS

CVE•added 2011/09/21 4:55 p.m.•43 views

CVE-2011-2937

Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI.

4.3CVSS5.9AI score0.00665EPSS