Описание
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rainloop | fixed | 1.14.0-1 | package |
Примечания
https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693
EPSS
Процентиль: 42%
0.00199
Низкий
Связанные уязвимости
CVSS3: 6.1
ubuntu
почти 6 лет назад
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
CVSS3: 6.1
nvd
почти 6 лет назад
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
CVSS3: 6.1
github
больше 3 лет назад
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
EPSS
Процентиль: 42%
0.00199
Низкий