CVE-2012-6121

Published: Feb 24, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2013:0307

vendor-advisory

x_refsource_SUSE

https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba

x_refsource_CONFIRM

openSUSE-SU-2013:1420

vendor-advisory

x_refsource_SUSE

http://sourceforge.net/news/?group_id=139281&id=310213

x_refsource_CONFIRM

57849

vdb-entry

x_refsource_BID

[oss-security] 20130207 Re: CVE request: XSS in roundcube before 0.8.5

mailing-list

x_refsource_MLIST

http://trac.roundcube.net/ticket/1488850

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6121

Description

Affected Products

References