Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-p9mh-3gv4-mcg7

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of , as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of , as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

Ссылки

EPSS

Процентиль: 84%
0.02357
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2018-19206

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2018-19206

CVSS3: 6.1
ubuntu
около 7 лет назад

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

nvd логотип

CVE-2018-19206

CVSS3: 6.1
nvd
около 7 лет назад

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

debian логотип

CVE-2018-19206

CVSS3: 6.1
debian
около 7 лет назад

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use ...

EPSS

Процентиль: 84%
0.02357
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2018-19206

Дефекты

CWE-79