exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2024-42008

11 месяцев назад

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.

CVSS3: 9.3

EPSS: Низкий

CVE-2024-42008

11 месяцев назад

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.

CVSS3: 9.3

EPSS: Низкий

CVE-2024-42008

11 месяцев назад

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() ...

CVSS3: 9.3

EPSS: Низкий

GHSA-78jf-j6qx-c7j3

11 месяцев назад

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.

CVSS3: 9.3

EPSS: Низкий

BDU:2024-06254

около 1 года назад

Уязвимость функции rcmail_action_mail_get->run() почтового клиента RoundCube Webmail, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

CVSS3: 6.1

EPSS: Низкий

openSUSE-SU-2024:0328-1

9 месяцев назад

Security update for roundcubemail

EPSS: Низкий

ROS-20240826-17

10 месяцев назад

Множественные уязвимости roundcubemail

CVSS3: 9.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-42008 A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.	CVSS3: 9.3	4% Низкий	11 месяцев назад
CVE-2024-42008 A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.	CVSS3: 9.3	4% Низкий	11 месяцев назад
CVE-2024-42008 A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() ...	CVSS3: 9.3	4% Низкий	11 месяцев назад
GHSA-78jf-j6qx-c7j3 A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.	CVSS3: 9.3	4% Низкий	11 месяцев назад
BDU:2024-06254 Уязвимость функции rcmail_action_mail_get->run() почтового клиента RoundCube Webmail, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)	CVSS3: 6.1	4% Низкий	около 1 года назад
openSUSE-SU-2024:0328-1 Security update for roundcubemail			9 месяцев назад
ROS-20240826-17 Множественные уязвимости roundcubemail	CVSS3: 9.3		10 месяцев назад

Уязвимостей на страницу