Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-6820

Опубликовано: 12 мар. 2017
Источник: debian

Описание

rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
roundcubefixed1.2.3+dfsg.1-3package

Примечания

  • https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305

  • https://github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4

  • https://github.com/roundcube/roundcubemail/wiki/Changelog#release-124

  • https://github.com/roundcube/roundcubemail/releases/tag/1.1.8

Связанные уязвимости

ubuntu логотип

CVE-2017-6820

CVSS3: 6.1
ubuntu
почти 9 лет назад

rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.

nvd логотип

CVE-2017-6820

CVSS3: 6.1
nvd
почти 9 лет назад

rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.

suse-cvrf логотип

openSUSE-SU-2017:0742-1

suse-cvrf
почти 9 лет назад

Security update for roundcubemail

github логотип

GHSA-76mh-6w46-rwcg

CVSS3: 6.1
github
больше 3 лет назад

rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.