VDB
CNVD-2016-02712
CNVD-2016-02712
PUBLISHED
RoundCube Webmail是一款基于浏览器的IMAP客户端(邮件客户端)。 RoundCube Webmail中存在跨站脚本漏洞,攻击者可利用该漏洞注入任意Web脚本或HTML。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Apr 26, 2016 CVE ID Reserved
- May 4, 2016 CVE Published
- Jun 25, 2026 Security Advisory
- Jun 25, 2026 Security Advisory
- Jun 25, 2026 Security Advisory
References
- openSUSE-SU-2016:2108 vendor-advisory
- https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115 url
- openSUSE-SU-2016:2109 vendor-advisory
- https://github.com/roundcube/roundcubemail/releases/tag/1.0.9 url
- https://github.com/roundcube/roundcubemail/commit/40d7342dd9c9bd2a1d613edc848ed95a4d71aa18#commitcomment-15294218 url
- https://github.com/roundcube/roundcubemail/issues/4949 url
- openSUSE-SU-2016:2127 vendor-advisory
- https://github.com/roundcube/roundcubemail/releases/tag/1.1.5 url