Webmail Security Vulnerabilities and Issues — Webmail CVE List | Vulners.com

Lucene search

K

RoundcubeWebmail

5 matches found

CVE•added 2021/11/19 4:15 a.m.•594 views

CVE-2021-44026

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.

9.8CVSS9.6AI score0.68761EPSS

CVE•added 2021/06/24 7:15 p.m.•159 views

CVE-2020-18670

Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.

5.4CVSS5.6AI score0.00415EPSS

CVE•added 2021/06/24 7:15 p.m.•155 views

CVE-2020-18671

Cross Site Scripting (XSS) vulnerability in Roundcube Mail

5.4CVSS5.5AI score0.00386EPSS

CVE•added 2021/11/19 4:15 a.m.•92 views

CVE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.

6.1CVSS7.2AI score0.00635EPSS

CVE•added 2021/02/09 9:15 a.m.•57 views

CVE-2021-26925

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.

5.4CVSS5AI score0.00259EPSS