CVE-2021-26925

Опубликовано: 09 фев. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 5.4

Описание

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	released	1.5.0+dfsg.1-2
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	released	1.5.0+dfsg.1-2
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
focal	not-affected	code not present
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

EPSS

Процентиль: 49%

0.00259

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2021-26925

CVSS3: 5.4

nvd

больше 4 лет назад

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.

CVE-2021-26925

CVSS3: 5.4

debian

больше 4 лет назад

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets ...

GHSA-xw9h-8vfr-ppf5

CVSS3: 5.4

github

больше 3 лет назад

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.

EPSS

Процентиль: 49%

0.00259

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3